CNNVD-202512-4165 Information

CNNVD ID

CNNVD-202512-4165

Related CVE

CVE-2025-59886

• CNNVD Published: 2025-12-23

Description (Chinese)

Eaton xComfort ECI是美国伊顿（Eaton）公司的一个以太网通信接口设备。 Eaton xComfort ECI存在安全漏洞，该漏洞源于Web界面端点输入验证不当，可能导致具有网络访问权限的攻击者执行特权用户命令。

Description (English)

Eaton xCommfort ECI is an Ethernet communication interface of the United States company Eaton. There is a security loophole in Eaton xCommort ECI, which stems from inappropriate input validation at the Web interface endpoint, which may result in a privileged user command being executed by the assailant with access to the network.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

伊顿

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1022.pdf

Patch

https://www.eaton.com/country.html