exploitDog

CVE-2025-48393

Опубликовано: 06 авг. 2025

Источник: nvd

CVSS3: 5.7

EPSS Низкий

Описание

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center.

Ссылки

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1002.pdf

EPSS

Процентиль: 8%

0.00029

Низкий

5.7 Medium

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-qqf5-w389-f489

CVSS3: 5.7

github

6 месяцев назад

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center.

EPSS

Процентиль: 8%

0.00029

Низкий

5.7 Medium

CVSS3

Дефекты

CWE-295