CVE-2025-52544: E3 Supervisory Control (firmware < 2.31F01) contains an unauthenticated path traversal via the floor plan upload feature that allows an attacker to read arbitrary files from the device filesystem.


Description

The floor plan upload functionality in Copeland LP E3 Supervisory Control firmware versions prior to 2.31F01 fails to properly validate uploaded content, enabling a specially crafted floor plan file to induce a path traversal and read arbitrary files on the device. The flaw requires no authentication and is exploitable over the network, resulting in high confidentiality impact (exposure of configuration files, credentials, logs) with lower integrity and availability impacts. The issue is classified as CWE-20 (Improper Input Validation) and maps to CAPEC-126 (Path Traversal). Armis Labs is credited for the discovery; CVSS 4.0 base score is 8.8 (HIGH). Public disclosure date: 2025-07-29.

Overview

An unauthenticated attacker can upload a specially crafted floor plan file to the E3 Supervisory Control device; because the upload is not sufficiently validated, the crafted file can be used to traverse the filesystem and retrieve arbitrary files. The vulnerability is reachable via the device network interface (ETH0) and requires neither user interaction nor prior credentials, so it enables remote information disclosure that can lead to further compromise of the control environment and connected systems. Affected firmware releases are all E3 Supervisory Control versions earlier than 2.31F01.
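The advisory does not describe the exact structure of the crafted floor plan file, only that an insufficiently validated upload lets a caller-supplied path escape the intended directory. The following Python is an added example, not code from the advisory or from Copeland's firmware, and it illustrates the general class of defect: an upload handler that joins a user-controlled name onto a destination directory. It shows the unchecked pattern, a common but insufficient string-prefix fix, and a containment check that canonicalises the path and then requires the upload root to be an actual path ancestor. The directory `/var/floorplans` and the sample names are assumptions constructed for the example.

```python
from pathlib import Path

# Hypothetical destination directory for uploaded floor plans (an assumption
# for this example, not a path taken from the E3 firmware).
UPLOAD_ROOT = Path("/var/floorplans")


def resolve_unchecked(root: Path, name: str) -> Path:
    """Vulnerable pattern: joins the caller-supplied name onto root as-is.

    A name containing '..' components, or an absolute name, lands outside
    root; nothing here rejects it.
    """
    return root / name


def resolve_prefix_checked(root: Path, name: str) -> Path:
    """Common but insufficient fix: a string-prefix test after canonicalising.

    '/var/floorplans_old/x' starts with the string '/var/floorplans', so a
    sibling directory slips through.
    """
    candidate = (root / name).resolve()
    if not str(candidate).startswith(str(root.resolve())):
        raise ValueError(f"rejected: {name!r}")
    return candidate


def resolve_contained(root: Path, name: str) -> Path:
    """Hardened form: canonicalise both sides, then require root to be a
    path-component ancestor of the result (not merely a string prefix)."""
    if not name or "\x00" in name:
        raise ValueError("empty name or embedded NUL")
    root_abs = root.resolve()
    # Path.resolve() collapses '..' and follows symlinks in the parts that
    # exist; an absolute `name` replaces root_abs entirely and is then rejected.
    candidate = (root_abs / name).resolve()
    if candidate == root_abs or root_abs not in candidate.parents:
        raise ValueError(f"rejected: {name!r}")
    return candidate


# Constructed sample names an upload handler might receive (not real inputs).
SAMPLE_NAMES = [
    "lobby.png",                      # plain file: accept
    "site-a/floor2.svg",              # subdirectory: accept
    "site-a/../floor1.svg",           # '..' that stays inside root: accept
    "../../etc/passwd",               # classic traversal: reject
    "/etc/shadow",                    # absolute name: reject
    "../floorplans_old/floor1.svg",   # sibling dir; defeats the prefix check
]


def accepted_by(resolver, names=SAMPLE_NAMES, root=UPLOAD_ROOT):
    """Return the names a resolver accepts, preserving input order."""
    accepted = []
    for name in names:
        try:
            resolver(root, name)
            accepted.append(name)
        except ValueError:
            pass
    return accepted


if __name__ == "__main__":
    for fn in (resolve_unchecked, resolve_prefix_checked, resolve_contained):
        print(f"{fn.__name__:24s} accepts {accepted_by(fn)}")
```

Running the block prints which sample names each resolver accepts. The point of the sibling-directory case is that prefix comparison on strings is not a containment test; comparing path components after canonicalisation is, and it also catches a `..` that is hidden behind a symlink because `resolve()` follows the link before the ancestor check runs.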

Remediation

Apply the vendor-supplied firmware update to a patched release (upgrade to 2.31F01 or later; vendor guidance also cites >2.30F1). As a mitigation until patched, restrict network access to the device management interface (ETH0) using isolated VLANs, subnet restrictions, and network firewall rules to ensure it is not reachable from untrusted networks. After remediation, verify system integrity, review access logs for suspicious uploads, and rotate any credentials or keys stored on the device if compromise is suspected.
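Two of the remediation steps above, restricting upload access to the management network and reviewing access logs for suspicious uploads, can be checked together with a small log triage script. The following Python is an added example, not a tool from the advisory, Armis, or Copeland. It parses Common Log Format lines and flags upload requests that either carry a `..` path component (after bounded percent-decoding, so encoded and double-encoded forms are normalised) or originate outside the management subnet. The endpoint path `/floorplan/upload`, the subnet `10.0.5.0/24`, and every log line are constructed assumptions; the real device's log format and upload URL are not documented on this page.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumptions for this example: the upload endpoint path and the management
# subnet are placeholders, not values from the E3 firmware or the advisory.
UPLOAD_PATH = "/floorplan/upload"
MANAGEMENT_NET = ipaddress.ip_network("10.0.5.0/24")

# Constructed access-log lines in Common Log Format; entirely made up for this
# example and not taken from any real device.
SAMPLE_LOG = """\
10.0.5.21 - - [29/Jul/2025:10:12:01 +0000] "POST /floorplan/upload HTTP/1.1" 200 512
10.0.5.21 - - [29/Jul/2025:10:12:03 +0000] "GET /floorplan/lobby.png HTTP/1.1" 200 8192
192.0.2.77 - - [29/Jul/2025:10:15:44 +0000] "POST /floorplan/upload?name=../../etc/passwd HTTP/1.1" 200 1203
192.0.2.77 - - [29/Jul/2025:10:15:45 +0000] "POST /floorplan/upload?name=%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 200 940
192.0.2.77 - - [29/Jul/2025:10:15:46 +0000] "POST /floorplan/upload?name=..%252f..%252fetc%252fhosts HTTP/1.1" 200 310
198.51.100.9 - - [29/Jul/2025:10:18:30 +0000] "POST /floorplan/upload HTTP/1.1" 200 512
10.0.5.30 - - [29/Jul/2025:10:20:00 +0000] "GET /status HTTP/1.1" 200 77
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)$'
)

# A '..' segment that starts the string or follows a slash, '=' or '&', and is
# followed by a slash or the end. Deliberately simple; tune for your logs.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/=&])\.\.(?:[\\/]|$)')


def normalise_target(target: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded) so encoded and double-encoded
    '..' sequences compare the same as literal ones; unify slashes."""
    current = target
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current.replace("\\", "/")


def flag_upload_requests(log_text: str, upload_path: str = UPLOAD_PATH,
                         management_net=MANAGEMENT_NET):
    """Return one finding per upload POST that shows a traversal sequence
    or originates outside the management subnet."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a CLF line we understand; skip rather than guess
        target = normalise_target(m["target"])
        path, _, query = target.partition("?")
        if m["method"] != "POST" or not path.startswith(upload_path):
            continue
        reasons = []
        if TRAVERSAL_RE.search(path) or TRAVERSAL_RE.search(query):
            reasons.append("traversal")
        if ipaddress.ip_address(m["ip"]) not in management_net:
            reasons.append("untrusted-source")
        if reasons:
            findings.append({"ip": m["ip"], "ts": m["ts"],
                             "status": int(m["status"]),
                             "target": m["target"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in flag_upload_requests(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']:14s} {f['status']} "
              f"{','.join(f['reasons'])} {f['target']}")
```

On the constructed sample the script reports the three traversal attempts from `192.0.2.77` and the otherwise ordinary upload from `198.51.100.9`, which is flagged only because it did not come from the management subnet. A hit in the second category is the signal that the ETH0 network restriction described above is not actually in force; a hit in the first, with a 200 status, is the trigger for the post-remediation steps of verifying integrity and rotating credentials stored on the device.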

References

  1. https://www.armis.com/research/frostbyte10/

Industry Exposure (most to least affected)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services: Low
  2. Administrative, Support, Waste Management & Remediation Services: Low
  3. Agriculture, Forestry, Fishing & Hunting: Low
  4. Arts, Entertainment & Recreation: Low
  5. Construction: Low
  6. Educational Services: Low
  7. Finance and Insurance: Low
  8. Health Care & Social Assistance: Low
  9. Information: Low
  10. Management of Companies & Enterprises: Low
  11. Manufacturing: Low
  12. Mining: Low
  13. Other Services (except Public Administration): Low
  14. Professional, Scientific, & Technical Services: Low
  15. Public Administration: Low
  16. Real Estate Rental & Leasing: Low
  17. Retail Trade: Low
  18. Transportation & Warehousing: Low
  19. Utilities: Low
  20. Wholesale Trade: Low
