Foreseer Electrical Power Monitoring System Security Vulnerabilities
A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operationโs vast array of devices to assist in the reduction of energy consumption and avoid unplanned downtime caused by the failures of critical systems. A threat actor may upload arbitrary file...
9.8CVSS
9.4AI Score
0.002EPSS
The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sanitization on the server-side, which could lead to injection and execution of malicious scripts when...
6.7CVSS
7.3AI Score
0.0004EPSS
The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption...
8.1CVSS
7AI Score
0.0004EPSS
The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the length and bounds of the entered value. The exploit of this security flaw by a bad actor may result i...
6.5CVSS
7AI Score
0.0004EPSS