CVE-2025-59887HIGH 8.6EPSS p17.8%

CVE-2025-59887CVE-2025-59887

Description

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

Scoring

CVSS 3.18.6 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS0.27% probability of exploitation · percentile 17.8% · 2026-06-18T12:00:27Z
Published2025-12-26
Last modified2026-02-18

Underlying weaknesses· 1

CWE-427

References

  1. https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1026.pdf

1

TypeTargetConfidenceTier
WeaknessUncontrolled Search Path Elementcwe-4270%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-59889
CVE
CVE-2026-22619
CVE
CVE-2025-48396
CVE
CVE-2025-60595
CVE
CVE-2025-59886
CVE
CVE-2026-8992
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.