CVE-2025-52548:

A hidden API in the E3 Site Supervisor Control firmware (versions < 2.31F01) can enable SSH and Shellinabox, allowing remote OS access when an administrator enables it via the application services.

Score
A numerical rating that indicates how dangerous this vulnerability is.

4.9Medium

Published Date:Sep 2, 2025
CISA KEV Date:*No Data*
Industries Affected:20

Threat Predictions

EPSS Score:0.0
EPSS Percentile:11%

Exploitability

Score:1.2
Attack Vector:NETWORK
Attack Complexity:LOW
Privileges Required:HIGH
User Interaction:NONE
Scope:UNCHANGED

Impact

Score:3.6
Confidentiality Impact:NONE
Integrity Impact:HIGH
Availability Impact:NONE

Description Preview

A hidden API in the E3 Site Supervisor Control firmware (versions < 2.31F01) can enable SSH and Shellinabox, allowing remote OS access when an administrator enables it via the application services.

Overview

This advisory describes a firmware-level weakness in the E3 Supervisory Control line where a hidden API within the application services can turn on SSH and Shellinabox. While those services are disabled by default, an administrator with access to the application services can trigger remote OS access, creating a path for unauthorized control of the device. The issue is network-reachable, requiring high-privilege admin access but no user interaction from an end user. Affected devices run firmware versions older than 2.31F01, making upgrade the primary mitigation. Guidance emphasizes restricting network access to the control interface and applying the vendor’s patch to move to a firmware version beyond 2.30F1.

Remediation

1) Upgrade firmware to a version greater than 2.30F1 (preferably 2.31F01 or newer) from the vendor, and verify the update completed successfully.
2) After upgrading, confirm that the hidden API cannot be used to re-enable SSH/Shellinabox and that remote OS access is effectively disabled by default.
3) If possible, disable SSH and Shellinabox entirely on devices that do not require remote access, and remove or harden the admin API pathways that expose the hidden call.
4) Implement network segmentation: restrict the E3 Supervisory Controls ETH0 interface to trusted networks using VLANs, subnets, and/or firewall rules; ensure these segments are not reachable from untrusted networks.
5) Enforce strong admin access controls: rotate admin credentials, apply least privilege, and enable multi-factor authentication where feasible.
6) enable logging and monitoring for admin API usage and any attempts to enable hidden services; set up alerts for anomalous admin actions.
7) Integrate this remediation into your patch management process and schedule regular firmware updates with vendor guidance.
8) If upgrading is not possible, apply the workaround to isolate the device network-wise and monitor for any admin actions that could enable remote access; document compensating controls and plan for a future upgrade.