E3 Site Supervisor Control Client-Side Hashing Authentication Vulnerability

Vulnerability

A vulnerability exists in E3 Site Supervisor Control applications running firmware versions prior to 2.31F01. The issue arises because the application services (MGW and RCI) rely on client-side hashing for authentication. This allows an attacker to authenticate by simply obtaining the password hash.

Impact

Exploitation of this vulnerability allows for unauthorized authentication, potentially leading to unauthorized access or actions within the application.

Added: Sep 2, 2025, 12:24 PM

Updated: Sep 2, 2025, 4:11 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

E3 Site Supervisor Control Client-Side Hashing Authentication Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating