PT-2025-35559 · Unknown · E3 Site Supervisor Control
Armis Labs
·
Published
2025-09-02
·
Updated
2025-09-02
·
CVE-2025-52550
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
E3 Site Supervisor Control versions prior to 2.31F01
Description
E3 Site Supervisor Control firmware upgrade packages are unsigned, allowing attackers to forge malicious packages. An attacker with administrative access to the application services can install these malicious firmware upgrades.
Recommendations
Update E3 Site Supervisor Control to version 2.31F01 or later.
Fix
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
E3 Site Supervisor Control