PatchSiren

Eaton CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Eaton CVE published 2026-03-10

CVE-2026-22614

CVE-2026-22614 is a medium-severity weakness in Eaton EasySoft’s project file encryption. According to the vendor advisory and NVD, the encryption used for the project file was insecure and susceptible to brute-force attacks. If an attacker has access to the project file and the local host machine, they could potentially recover sensitive information and tamper with the project file. Eaton states the issu [truncated]

MEDIUM Eaton CVE published 2017-01-26

CVE-2016-9357

CVE-2016-9357 affects legacy Eaton ePDUs that were already past end-of-life when the issue was disclosed. The vulnerability is a path traversal flaw that may allow an unauthenticated attacker to access configuration files through a specially crafted URL. NVD rates the issue as medium severity, with network access required but no privileges or user interaction needed. Because the impacted products are no l [truncated]