← Back to home
ICSA-16-061-03  ·  Published 2025-06-05  ·  View on CISA ICS-CERT ↗

Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities

CVSS 7.5 HIGH

CVEs (2)

Remediations

  • Eaton Lighting Systems has made the decision to remove this functionality from the device. The EG2 is a legacy product that is being moved to “end-of-life” later this year. A new hardware and OS platform is replacing this system. Eaton Lighting Systems has produced a firmware patch to mitigate these vulnerabilities.
  • Please contact Eaton Lighting Systems for advice on updating the firmware. 1) Europe, Middle East, and Asia: +44 (0)844 324 9100 (available Mon-Fri 9am-5pm GMT) (mailto:[email protected]) 2) Americas: 1-800-553-3879, 1-800-954-7016, (mailto:[email protected])
  • Or visit the Eaton cybersecurity web site www.eaton.com/cybersecurity for additional information.

Affected Vendors

Eaton

Affected Products (1)

Eaton · EG2 Web Control <=V4.04P

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more