CVE-2025-52545

CVSS v4.0

7.7

High

Vector

AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions E3 Site Supervisor Control versions prior to 2.31F01

Description The RCI service in E3 Site Supervisor Control contains an API call that allows reading user information, including all usernames and password hashes for application services.

Recommendations Update E3 Site Supervisor Control to version 2.31F01 or later.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2025-52545

Affected Products

E3 Site Supervisor Control

CVE-2025-52545

Weakness Enumeration

Related Identifiers

Affected Products

References · 5