CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6654 – DLL Hijacking
https://notcve.org/view.php?id=CVE-2020-6654
30 Sep 2020 — A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. Una vulnerabilidad de secuestro de DLL en 9000x Programming and Configuration Software de Eaton v 2.0.38 y anteriores, permite a un atacante ejecutar código arbitrario al reemplazar las DLL requeridas por DLL maliciosas cuando el software intenta cargar... • https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf • CWE-426: Untrusted Search Path CWE-427: Uncontrolled Search Path Element •
CVSS: 3.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6653 – Sensitive date stored in logcat file
https://notcve.org/view.php?id=CVE-2020-6653
12 Aug 2020 — Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's account and associated devices. La aplicación móvil Secure Connect de Eaton versión v1.7.3 y anteriores, almacena las credenciales de inicio de sesión del usuario en el archivo logcat cuando el usuario crea o registra ... • https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-vulnerability-advisory-secure-connect-mobile-app.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-6651 – Command injection via specially crafted file name during config file upload
https://notcve.org/view.php?id=CVE-2020-6651
07 May 2020 — Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application. La Comprobación de Entrada Inapropiada en Eaton Intelligent Power Manager (IPM) versiones v1.67 y anteriores, en el nombre del archivo durante la funcionalidad de importación del archivo de configuración permite ... • https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-vulnerability-advisory-intelligent-power-manager-v1-1.pdf • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6652 – Incorrect privilege assignment allowing non-admin users to upload config files
https://notcve.org/view.php?id=CVE-2020-6652
07 May 2020 — Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters. Una vulnerabilidad de Asignación de Privilegios Incorrecta en Eaton Intelligent Power Manager (IPM) versiones v1.67 y anteriores, permite a los usuarios no administradores ca... • https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-vulnerability-advisory-intelligent-power-manager-v1-1.pdf • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10637 – Eaton HMiSoft VU3 File Parsing wTextLen Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-10637
15 Apr 2020 — Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could trigger an out-of-bounds read when loaded by the affected product. Eaton HMiSoft VU3 (el tiempo de ejecución de HMIVU3 no está impactado), versiones 3.00.23 y anteriores, sin embargo, los tiempos de ejecución de HMIVU no están impactados por estos problemas. Un archivo de entrada especialmente diseñado podría desencadenar una lectura f... • https://www.us-cert.gov/ics/advisories/icsa-20-105-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10639 – Eaton HMiSoft VU3 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-10639
15 Apr 2020 — Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow when loaded by the affected product. Eaton HMiSoft VU3 (el tiempo de ejecución de HMIVU3 no está impactado), versiones 3.00.23 y anteriores, sin embargo, los tiempos de ejecución de HMIVU no están impactados por estos problemas. Un archivo de entrada especialmente diseñado podría causar un desbordamiento del búf... • https://www.us-cert.gov/ics/advisories/icsa-20-105-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 1CVE-2020-6650 – Arbitrary code execution through “Update Manager” Class
https://notcve.org/view.php?id=CVE-2020-6650
23 Mar 2020 — UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed. UPS companion software versiones v1.05 y anteriores, está afectado por una vulnerabilidad de "Eval Injection". El softwa... • https://github.com/RavSS/Eaton-UPS-Companion-Exploit • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-7915
https://notcve.org/view.php?id=CVE-2020-7915
22 Jan 2020 — An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator. Se descubrió un problema en los dispositivos Eaton 5P 850. El campo Ubicacion SAI permite ataques de tipo XSS por parte de un administrador. • https://sku11army.blogspot.com/2020/01/eaton-authenticated-stored-cross-site.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-5625 – Eaton Halo Home Android App Insecure Storage
https://notcve.org/view.php?id=CVE-2019-5625
22 May 2019 — The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by reusing the stored OAuth token, thus allowing them to view and change the user's personal information stored in the backend cloud service. The attacker would first need to gain physical control of the Android device ... • https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed • CWE-522: Insufficiently Protected Credentials CWE-922: Insecure Storage of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9281
https://notcve.org/view.php?id=CVE-2018-9281
24 Oct 2018 — An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are also vulnerable to Reflected Cross-Site Scripting vulnerabilities. This flaw could be triggered by driving an administrator logged into the Eaton application to a specially crafted web page. • https://www.bishopfox.com/news/2018/10/eaton-ups-9px-8000-sp-multiple-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •