CVE-2025-67450

Due to insecure library loading in the Eaton UPS Companion software executable, an attacker with access to the software package could perform arbitrary code execution . This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

high 7.8 CVSS 3.1
Published: Dec 26, 2025
Modified: Feb 18, 2026
Vendor: Eaton
Product: Ups Companion

Description

Due to insecure library loading in the Eaton UPS Companion software executable, an attacker with access to the software package

could perform arbitrary code execution . This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

References

Related CVEs

CVE-2025-59887 high · 8.6
Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package
CVE-2025-59888 medium · 6.7
Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the file system. This s
CVE-2025-59886 high · 8.8
Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user c