FKIE_CVE-2025-52550

Vulnerability from fkie_nvd - Published: 2025-09-02 12:15 - Updated: 2025-10-01 18:20
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade.
References
dd59f033-460c-4b88-a075-d4d3fedb6191https://www.armis.com/research/frostbyte10/Mitigation, Third Party Advisory
Impacted products
Vendor Product Version
copeland e3_supervisory_controller_firmware *
copeland site_supervisor_bx_860-1240 -
copeland site_supervisor_bxe_860-1245 -
copeland site_supervisor_cx_860-1260 -
copeland site_supervisor_cxe_860-1265 -
copeland site_supervisor_rx_860-1220 -
copeland site_supervisor_rxe_860-1225 -
copeland site_supervisor_sf_860-1200 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "791AC7BF-A584-446A-A5FB-CB282430567A",
              "versionEndExcluding": "2.31f01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62991432-9156-4152-B940-4428A06ABBDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7281C06F-83DC-4A57-9076-B666C643B1A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC339BFF-3123-4BE2-8092-3AD6FBB0AEFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42AA549-5959-4E4D-81AD-9E04218EC157",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F77BC1C-9709-40CB-AF4D-6A118D8F41E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F10BB44-439E-4823-8ECF-1700355C78E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4909D80-1F06-437F-8D66-E39535B5E60D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "E3 Site Supervisor Control (firmware version \u003c 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade."
    },
    {
      "lang": "es",
      "value": "Los paquetes de actualizaci\u00f3n de firmware de E3 Site Supervisor Control (versi\u00f3n de firmware \u0026lt; 2.31F01) no est\u00e1n firmados. Un atacante puede falsificar paquetes de actualizaci\u00f3n de firmware maliciosos. Un atacante con acceso de administrador a los servicios de la aplicaci\u00f3n puede instalar una actualizaci\u00f3n de firmware maliciosa."
    }
  ],
  "id": "CVE-2025-52550",
  "lastModified": "2025-10-01T18:20:33.640",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "LOW",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "dd59f033-460c-4b88-a075-d4d3fedb6191",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-02T12:15:37.747",
  "references": [
    {
      "source": "dd59f033-460c-4b88-a075-d4d3fedb6191",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://www.armis.com/research/frostbyte10/"
    }
  ],
  "sourceIdentifier": "dd59f033-460c-4b88-a075-d4d3fedb6191",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "dd59f033-460c-4b88-a075-d4d3fedb6191",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.