E3 Site Supervisor Control (firmware version < 2.31F01) RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://www.armis.com/research/frostbyte10/ |
Configurations
No configuration.
History
02 Sep 2025, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-02 12:15
Updated : 2025-09-02 15:55
NVD link : CVE-2025-52545
Mitre link : CVE-2025-52545
CVE.ORG link : CVE-2025-52545
JSON object : View
Products Affected
No product.
CWE
CWE-522
Insufficiently Protected Credentials