Description

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to discontinue the product. Upon retirement or end of support, there will be no new security updates, non-security updates, or paid assisted support options, or online technical content updates.

INFO

Published Date :

2025-12-23T11:31:31.339Z

Last Modified :

2025-12-23T14:43:39.363Z

Source :

Eaton
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59886 vulnerability.

Vendors Products
Eaton
  • Xcomfort Ethernet Communication Interface
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59886.

URL Resource
https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1022.pdf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact