Eaton Intelligent Power Protector can run malicious code if package is tampered with

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Eaton Intelligent Power Protector can run malicious code if package is tampered with

CVE-2026-22619

Summary

If an attacker can access and modify the Eaton Intelligent Power Protector software package, they may be able to run unauthorized code on your computer. This is a significant risk, and we recommend updating to the latest version of the software from the Eaton download center to ensure you have the latest security patches.

Original title

Original description

Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download center.

nvd CVSS3.1 7.8

Vulnerability type

CWE-427 Uncontrolled Search Path Element

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/secu...

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026