CVE-2025-67450 HIGH

CVE-2025-67450

Vendor Eaton
Product UPS Companion software
Weakness CWE-427
Published December 26, 2025
Last update December 26, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Due to insecure library loading in the Eaton UPS Companion software executable, an attacker with access to the software package could perform arbitrary code execution . This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

Key dates

02Disclosure timeline

December 26, 2025 CVE published
December 26, 2025 Record updated