PT-2025-35562 · Unknown · E3 Site Supervisor

Armis Labs

Published

2025-09-02

Updated

2025-09-04

CVE-2025-6519

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions E3 Site Supervisor versions prior to 2.31F01

Description E3 Site Supervisor firmware contains a default administrator account, ONEDAY, with a daily generated password that is predictable. The ONEDAY user cannot be deleted or modified.

Recommendations Update E3 Site Supervisor to version 2.31F01 or later.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2025-6519

Affected Products

E3 Site Supervisor

PT-2025-35562 · Unknown · E3 Site Supervisor

CVE-2025-6519

Weakness Enumeration

Related Identifiers

Affected Products

References · 6