Primary

Context

Eaton UPS Companion Software Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability allowing arbitrary code execution has been identified in the Eaton UPS Companion software. This issue arises from insecure library loading in the software executable. An attacker with access to the software package could exploit this vulnerability. The problem has been addressed in the latest version of the Eaton UPS Companion software, available for download from the Eaton download center.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code within the context of the user running the Eaton UPS Companion software.

Remediation

Users are advised to update to the latest version of the Eaton UPS Companion software, available on the Eaton download center.

Added: Dec 26, 2025, 7:18 AM

Updated: Dec 26, 2025, 7:18 AM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eaton UPS Companion Software Arbitrary Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Eaton UPS Companion

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating