One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 7713984 |
| Date de publication | 2022-10-28 02:15:17 (vue: 2022-10-28 06:07:09) |
| Titre | CVE-2022-33859 |
| Texte | A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operation’s vast array of devices to assist in the reduction of energy consumption and avoid unplanned downtime caused by the failures of critical systems. A threat actor may upload arbitrary files using the file upload feature. This vulnerability is present in versions 4.x, 5.x, 6.x & 7.0 to 7.5. A new version (v7.6) containing the remediation has been made available by Eaton and a mitigation has been provided for the affected versions that are currently supported. Customers are advised to update the software to the latest version (v7.6). Foreseer EPMS versions 4.x, 5.x, 6.x are no longer supported by Eaton. Please refer to the End-of-Support notification https://www.eaton.com/in/en-us/catalog/services/foreseer/foreseer-legacy.html . |
| Envoyé | Oui |
| Condensat | 2022 33859 actor advised affected arbitrary are array assist available avoid been caused com/in/en connects consumption containing critical currently customers cve devices discovered downtime eaton end energy epms failures feature file files foreseer has html https://www latest legacy longer made may mitigation new notification operation̢۪s please present provided reduction refer remediation security software support supported systems threat unplanned update upload us/catalog/services/foreseer/foreseer using vast version versions vulnerability |
| Tags | Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.