CVE Vulnerabilities

CVE-2025-48393

Improper Certificate Validation

Published: Aug 06, 2025 | Modified: Aug 06, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Potential Mitigations

References