PT-2025-35553 · Unknown · E3 Site Supervisor Control
Armis Labs
·
Published
2025-09-02
·
Updated
2025-09-02
·
CVE-2025-52544
CVSS v4.0
8.8
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
E3 Site Supervisor Control versions prior to 2.31F01
Description
E3 Site Supervisor Control (firmware version prior to 2.31F01) has a floor plan feature that allows an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system.
Recommendations
Update E3 Site Supervisor Control to version 2.31F01 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
E3 Site Supervisor Control