CVE-2025-52547

DoS to the application services

Description

E3 Site Supervisor Control (firmware version < 2.31F01) MGW contains an API call that lacks input validation. An attacker can use this command to continuously crash the application services.

INFO

Published Date :

2025-09-02T11:25:54.718Z

Last Modified :

2025-09-02T13:29:17.409Z

Source :

Armis

AFFECTED PRODUCTS

The following products are affected by CVE-2025-52547 vulnerability.

Vendors	Products
Copeland	E3 Supervisory Controller Firmware Site Supervisor Bx 860-1240 Site Supervisor Bxe 860-1245 Site Supervisor Cx 860-1260 Site Supervisor Cxe 860-1265 Site Supervisor Rx 860-1220 Site Supervisor Rxe 860-1225 Site Supervisor Sf 860-1200

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-52547.

URL	Resource
https://www.armis.com/research/frostbyte10/

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact