Known Vulnerabilities for products from Eaton
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Eaton".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Eaton can be found at device.report : Eaton
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-43777 | Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters... | 6.5 - MEDIUM | 2023-10-17 | 2023-10-25 |
| CVE-2023-43776 | Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized... | 6.6 - MEDIUM | 2023-10-17 | 2023-10-25 |
| CVE-2023-43775 | Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows attacker to potentially force an unexpect... | 5.3 - MEDIUM | 2023-09-27 | 2023-10-02 |
| CVE-2022-33859 | A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operation’s vast arr... | 9.8 - CRITICAL | 2022-10-28 | 2023-10-18 |
| CVE-2021-23288 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2022-04-01 | 2022-04-09 |
| CVE-2021-23287 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-04-01 | 2022-04-09 |
| CVE-2021-23286 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8 - HIGH | 2022-04-18 | 2023-11-07 |
| CVE-2021-23285 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2022-04-18 | 2023-11-07 |
| CVE-2021-23284 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2022-04-18 | 2023-11-07 |
| CVE-2021-23283 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-04-19 | 2022-04-27 |
| CVE-2021-23281 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM... | 10 - CRITICAL | 2021-04-13 | 2021-04-20 |
| CVE-2021-23280 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM�... | 9.9 - CRITICAL | 2021-04-13 | 2021-04-21 |
| CVE-2021-23279 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability indu... | 10 - CRITICAL | 2021-04-13 | 2021-04-21 |
| CVE-2021-23278 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induce... | 9.6 - CRITICAL | 2021-04-13 | 2021-04-21 |
| CVE-2021-23277 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The softwa... | 10 - CRITICAL | 2021-04-13 | 2023-06-26 |
| CVE-2021-23276 | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a... | 8.8 - HIGH | 2021-04-13 | 2021-04-21 |
| CVE-2020-10639 | Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by t... | 7.8 - HIGH | 2020-04-15 | 2020-04-22 |
| CVE-2020-10637 | Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by t... | 5.5 - MEDIUM | 2020-04-15 | 2020-04-22 |
| CVE-2020-7915 | An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator. | 4.8 - MEDIUM | 2020-01-22 | 2020-01-24 |
| CVE-2020-6656 | Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerabi... | 7.8 - HIGH | 2021-01-07 | 2021-03-31 |
Known software with vulnerabilities from Eaton
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Eaton | 9000x | - |
| Operating System | Eaton | 9000x Firmware | 2.0.29 |
| Application | Eaton | Easysoft | - |
| Application | Eaton | Elcsoft | 1.00.08 |
| Application | Eaton | Halo Home | 1.11.4 |
| Hardware | Eaton | Hmisoft Vu3 | - |
| Operating System | Eaton | Hmisoft Vu3 Firmware | - |
| Application | Eaton | Intelligent Power Manager | 1.6 |
| Application | Eaton | Proview | 4.0 |
| Application | Eaton | Secureconnect | - |
| Application | Eaton | Ups Companion | - |
| Application | Eaton | Xcomfort Ethernet Communication Interface | 1.07 |