CVE 8.6 HIGH

CVE-2025-59887_CVE-2025-59887

December 26, 2025 invoker category_cve

8.6 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Description

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

AI Analysis

Arbitrary code execution vulnerability due to improper authentication of library files in the Eaton UPS Companion software installer

Basic Information

ID CVE-2025-59887

Source Eaton

Published Dec 26, 2025 at 06:48

Affected Product

Vendor Eaton

Product Eaton UPS Companion Software

Affected Versions Eaton Eaton UPS Companion Software 0

CWE Classification

CWE-427

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Eaton

Product Eaton UPS Companion Software

References

www.eaton.com /content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1026.pdf

{
    "lastseen": "",
    "description": "Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package.  This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.",
    "published": "2025-12-26T06:48:08.086Z",
    "modified": "2025-12-26T06:48:08.086Z",
    "type": "cve",
    "title": "CVE-2025-59887",
    "source": "Eaton",
    "references": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1026.pdf",
    "id": "CVE-2025-59887",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Eaton Eaton UPS Companion Software 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Eaton UPS Companion Software",
    "version": "0",
    "vendor": "Eaton",
    "ai_description": "Arbitrary code execution vulnerability due to improper authentication of library files in the Eaton UPS Companion software installer",
    "ai_severity": "High",
    "ai_vendor": "Eaton",
    "ai_product": "Eaton UPS Companion Software",
    "ai_version": "0",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply