E3 Site Supervisor Control Password Generation Vulnerability in Linux Root Account

Vulnerability

A vulnerability exists in E3 Site Supervisor Control firmware versions prior to 2.31F01, where the root Linux password is generated at each boot. This allows an attacker to derive the root password for a vulnerable device using known or easily obtainable parameters.

Impact

Exploitation of this vulnerability allows for unauthorized access to the root account on the device, potentially leading to full control over the system.

Added: Sep 2, 2025, 12:33 PM

Updated: Sep 2, 2025, 4:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

5.7

remediation

0.0

relevance

0.5

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

5.7

remediation

0.0

relevance

0.5

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

E3 Site Supervisor Control Password Generation Vulnerability in Linux Root Account

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating