CVE-2025-59889 HIGH

CVE-2025-59889

Vendor Eaton
Product Eaton IPP software
Weakness CWE-427
Published October 14, 2025
Last update November 4, 2025

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to the software package.  This security issue has been fixed in the latest version of IPP which is available on the Eaton download center.

Key dates

02Disclosure timeline

October 14, 2025 CVE published
November 4, 2025 Record updated