CVE-2025-59888

6.7 MEDIUM

📋 TL;DR

This vulnerability allows an attacker with file system access to execute arbitrary code through improper quotation of search paths in the Eaton UPS Companion software installer. It affects users running vulnerable versions of Eaton UPS Companion. The issue is fixed in the latest version.

💻 Affected Systems

Products:
  • Eaton UPS Companion software
Versions: All versions prior to the latest fixed version
Operating Systems: Windows (based on typical UPS software deployment)
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have file system access to the system running the vulnerable software.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise, with the attacker gaining administrative privileges and persistent access to the system.

🟠 Likely Case

Local privilege escalation, allowing an attacker to execute code with higher privileges than their current access level.

🟢 If Mitigated

Limited impact if proper access controls restrict file system access to authorized users only.

🌐 Internet-Facing: LOW - This is a local file system vulnerability requiring attacker access to the system.
🏢 Internal Only: MEDIUM - Internal attackers with file system access could exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires file system access and knowledge of how the affected search path can be manipulated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Latest version available on Eaton download center

Vendor Advisory: https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1026.pdf

Restart Required: Yes

Instructions:

1. Download the latest Eaton UPS Companion software from the Eaton download center.
2. Uninstall the current version.
3. Install the updated version.
4. Restart the system.

🔧 Temporary Workarounds

Restrict file system access (scope: all)

Limit file system access to authorized users only to prevent exploitation.

🧯 If You Can't Patch

  • Implement strict access controls to limit file system access to the system
  • Monitor for suspicious file system activity and privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check installed version of Eaton UPS Companion software against latest version on Eaton download center

Check Version:

Check the software version through Windows Programs and Features or the software's About dialog.

Verify Fix Applied:

Verify that the installed version matches or exceeds the patched version named in the vendor advisory.
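The version check above can be scripted for fleet-wide verification. The following PowerShell is an added example, not code from this advisory or from Eaton: it reads the Programs and Features entries from the Windows uninstall registry keys, finds the Eaton UPS Companion entry by display name, and compares its version with the fixed version. The fixed version number is not given on this page, so `$FixedVersion` is a placeholder that must be replaced with the value from the vendor advisory; the function names and the `*UPS Companion*` display-name match are assumptions.

```powershell
# Added example: verify whether Eaton UPS Companion is at or above the fixed version.
# $FixedVersion is a PLACEHOLDER - take the real value from the Eaton advisory (ETN-VA-2025-1026).

function Get-EatonUpsCompanionInstall {
    # Programs and Features is backed by these two uninstall keys (64-bit and 32-bit views).
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*UPS Companion*' } |   # assumed display-name pattern
        Select-Object DisplayName, DisplayVersion, Publisher, InstallLocation
}

function Test-EatonUpsCompanionPatched {
    param(
        [Parameter(Mandatory)] [string] $InstalledVersion,
        [Parameter(Mandatory)] [string] $FixedVersion
    )
    # Compare as [version] so that 1.2.10 is correctly treated as newer than 1.2.9;
    # a plain string comparison would get this wrong.
    try {
        return ([version] $InstalledVersion -ge [version] $FixedVersion)
    } catch {
        Write-Warning "Could not parse version '$InstalledVersion' or '$FixedVersion'"
        return $false
    }
}

$FixedVersion = 'X.Y.Z'   # PLACEHOLDER - replace with the fixed version from the vendor advisory
if ($FixedVersion -eq 'X.Y.Z') {
    Write-Error 'Set $FixedVersion to the patched version from the Eaton advisory before running.'
    return
}

$installs = @(Get-EatonUpsCompanionInstall)
if ($installs.Count -eq 0) {
    Write-Output 'Eaton UPS Companion not found in Programs and Features on this host.'
} else {
    foreach ($app in $installs) {
        $patched = Test-EatonUpsCompanionPatched -InstalledVersion $app.DisplayVersion -FixedVersion $FixedVersion
        $status = if ($patched) { 'PATCHED' } else { 'VULNERABLE - update from the Eaton download center' }
        Write-Output ('{0} {1}: {2}' -f $app.DisplayName, $app.DisplayVersion, $status)
    }
}
```

Run it in an elevated PowerShell session on each host (or through your configuration-management tool) after setting `$FixedVersion`; a `VULNERABLE` line means the uninstall/reinstall steps in the Official Fix section still need to be applied on that host.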

📡 Detection & Monitoring

Log Indicators:

  • Unusual file system access patterns
  • Unexpected process execution from installer directories

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Process creation from Eaton UPS Companion installer paths with unusual parent processes
