Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Eaton — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Eaton. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Eaton Corporation primarily manufactures electrical power management solutions, including circuit breakers, switchgear, and uninterruptible power supplies, serving industrial and commercial infrastructure. With fifty-three recorded Common Vulnerabilities and Exposures, the company’s attack surface largely stems from its embedded software and networked industrial control systems. Historically, vulnerabilities in Eaton products have frequently involved remote code execution and cross-site scripting, often exploiting weak authentication mechanisms or unpatched web interfaces within management software. These flaws can allow attackers to gain unauthorized access to critical power distribution networks or manipulate system configurations. While no catastrophic global incidents have been widely publicized, the concentration of critical severity ratings indicates significant risks to operational technology environments. Security updates are typically released through standard vendor channels, requiring administrators to maintain rigorous patch management protocols to mitigate exposure to these persistent software defects.

Top products by Eaton: Intelligent Power manager (IPM) IPP Software Foreseer Reporting Software (FRS) Foreseer Intelligent Power Manager Infrastructure (IPM Infrastructure) UPS Companion Software easySoft Software Intelligent Power Protector Eaton Brightlayer Software Suite (BLSS) easySoft G4 PDU Eaton UPS Companion Software Eaton xComfort ECI Network M3 Eaton Galileo Software Eaton IPP software NMC G2 easyE4 Network M2 Intelligent Power Protector (IPP) Eaton ELCSoft SMP SG-4260 Foreseer EPMS Intelligent Power Manager (IPM 1) Eaton Intelligent Power Protector (IPP) 9000x Programming and Configuration Software Secure Connect Mobile App HALO Home
CVE IDTitleCVSSSeverityPublished
CVE-2023-43775 Security issue in SMP Gateway automation platform — SMP SG-4260CWE-400 4.7 Medium2023-09-26
CVE-2022-33859 Unrestricted file upload in Eaton Foreseer EPMS — Foreseer EPMSCWE-434 8.1 High2022-10-28
CVE-2021-23283 Security issues in Eaton Intelligent Power Protector (IPP) — Eaton Intelligent Power Protector (IPP)CWE-79 5.2 Medium2022-04-19
CVE-2021-23286 Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure)CWE-1236 5.7 Medium2022-04-18
CVE-2021-23284 Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure)CWE-79 5.7 Medium2022-04-18
CVE-2021-23285 Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure)CWE-79 3.1 Low2022-04-18
CVE-2021-23288 Security issues in Intelligent Power Protector — Intelligent Power ProtectorCWE-79 5.6 Medium2022-04-01
CVE-2021-23287 Security issues in Intelligent Power Manager (IPM 1) — Intelligent Power Manager (IPM 1)CWE-79 5.6 Medium2022-04-01
CVE-2021-23280 Arbitrary File upload — Intelligent Power manager (IPM)CWE-434 8.0 High2021-04-13
CVE-2021-23277 Improper Neutralization of Directives in Dynamically Evaluated Code — Intelligent Power manager (IPM)CWE-95 8.3 High2021-04-13
CVE-2021-23281 Remote Code execution — Intelligent Power manager (IPM)CWE-94 10.0 Critical2021-04-13
CVE-2021-23279 Arbitrary File delete — Intelligent Power manager (IPM)CWE-20 8.0 High2021-04-13
CVE-2021-23276 Improper Neutralization of Special Elements used in an SQL Command — Intelligent Power manager (IPM)CWE-89 7.1 High2021-04-13
CVE-2021-23278 Arbitrary File delete — Intelligent Power manager (IPM)CWE-20 8.7 High2021-04-13
CVE-2020-6656 File parsing Type Confusion Remote code execution vulerability — easySoft SoftwareCWE-843 5.8 Medium2021-01-07
CVE-2020-6655 File parsing Out-Of-Bounds read remote code execution — easySoft SoftwareCWE-125 5.8 Medium2021-01-07
CVE-2020-6654 DLL Hijacking — 9000x Programming and Configuration SoftwareCWE-427 7.8 High2020-09-30
CVE-2020-6653 Sensitive date stored in logcat file — Secure Connect Mobile AppCWE-200 3.8 Low2020-08-12
CVE-2020-6651 Command injection via specially crafted file name during config file upload — Intelligent Power manager (IPM)CWE-20 8.8 High2020-05-07
CVE-2020-6652 Incorrect privilege assignment allowing non-admin users to upload config files — Intelligent Power manager (IPM)CWE-266 7.8 High2020-05-07
CVE-2020-6650 Arbitrary code execution through “Update Manager” Class — UPS Companion SoftwareCWE-95 8.3 High2020-03-23
CVE-2019-5625 Eaton Halo Home Android App Insecure Storage — HALO HomeCWE-922 7.8 -2019-05-22
CVE-2018-7511 Eaton ELCSoft 输入验证漏洞 — Eaton ELCSoftCWE-20 7.8 -2018-03-20

This page lists every published CVE security advisory associated with Eaton. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.