Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Eaton — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Eaton. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Eaton Corporation primarily manufactures electrical power management solutions, including circuit breakers, switchgear, and uninterruptible power supplies, serving industrial and commercial infrastructure. With fifty-three recorded Common Vulnerabilities and Exposures, the company’s attack surface largely stems from its embedded software and networked industrial control systems. Historically, vulnerabilities in Eaton products have frequently involved remote code execution and cross-site scripting, often exploiting weak authentication mechanisms or unpatched web interfaces within management software. These flaws can allow attackers to gain unauthorized access to critical power distribution networks or manipulate system configurations. While no catastrophic global incidents have been widely publicized, the concentration of critical severity ratings indicates significant risks to operational technology environments. Security updates are typically released through standard vendor channels, requiring administrators to maintain rigorous patch management protocols to mitigate exposure to these persistent software defects.

Found 9 results / 53Clear Filters
Top products by Eaton: Intelligent Power manager (IPM) IPP Software Foreseer Reporting Software (FRS) Foreseer Intelligent Power Manager Infrastructure (IPM Infrastructure) UPS Companion Software easySoft Software Intelligent Power Protector Eaton Brightlayer Software Suite (BLSS) easySoft G4 PDU Eaton UPS Companion Software Eaton xComfort ECI Network M3 Eaton Galileo Software Eaton IPP software NMC G2 easyE4 Network M2 Intelligent Power Protector (IPP) Eaton ELCSoft SMP SG-4260 Foreseer EPMS Intelligent Power Manager (IPM 1) Eaton Intelligent Power Protector (IPP) 9000x Programming and Configuration Software Secure Connect Mobile App HALO Home
CVE IDTitleCVSSSeverityPublished
CVE-2021-23282 Stored Cross-site Scripting reported in Intelligent Power Manager v1 — Intelligent Power Manager (IPM)CWE-79 5.2 Medium2024-11-25
CVE-2021-23280 Arbitrary File upload — Intelligent Power manager (IPM)CWE-434 8.0 High2021-04-13
CVE-2021-23277 Improper Neutralization of Directives in Dynamically Evaluated Code — Intelligent Power manager (IPM)CWE-95 8.3 High2021-04-13
CVE-2021-23281 Remote Code execution — Intelligent Power manager (IPM)CWE-94 10.0 Critical2021-04-13
CVE-2021-23279 Arbitrary File delete — Intelligent Power manager (IPM)CWE-20 8.0 High2021-04-13
CVE-2021-23276 Improper Neutralization of Special Elements used in an SQL Command — Intelligent Power manager (IPM)CWE-89 7.1 High2021-04-13
CVE-2021-23278 Arbitrary File delete — Intelligent Power manager (IPM)CWE-20 8.7 High2021-04-13
CVE-2020-6651 Command injection via specially crafted file name during config file upload — Intelligent Power manager (IPM)CWE-20 8.8 High2020-05-07
CVE-2020-6652 Incorrect privilege assignment allowing non-admin users to upload config files — Intelligent Power manager (IPM)CWE-266 7.8 High2020-05-07

This page lists every published CVE security advisory associated with Eaton. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.