← Back to home
ICSA-20-133-01  ·  Published 2020-05-12  ·  View on CISA ICS-CERT ↗

Eaton Intelligent Power Manager

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to perform command injection or code execution and allow non-administrator users to manipulate the system configurations.

CVEs (2)

Remediations

  • Eaton has released Intelligent Power Manager v1.68 to address the reported vulnerabilities.
  • To prevent the exploitation of the issues and safeguard the software from malicious entities, Eaton recommends blocking Ports 4679 and 4680 at the enterprise network or home network where Intelligent Power Manager software is installed and used.
  • For additional information please see the Eaton Vulnerability Advisory.

Affected Vendors

Eaton

Affected Products (1)

Eaton · Intelligent Power Manager <= 1.67

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more