Unrated severityNVD Advisory· Published Sep 2, 2025· Updated Sep 2, 2025

Enabling SSH and Shellinabox on the vulnerable machine

CVE-2025-52548

Description

E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.

Affected products

Copeland LP/E3 Supervisory Controlv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.armis.com/research/frostbyte10/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000