CVE-2026-22614 | THREATINT

Description

The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially read the sensitive information stored and tamper with the project file. This security issue has been fixed in the latest version of Eaton EasySoft which is available on the Eaton download centre.

PUBLISHED Reserved 2026-01-08 | Published 2026-03-10 | Updated 2026-03-10 | Assigner Eaton

MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-257 Storing passwords in a recoverable format

Product status

Default status

unaffected

Any version before 8.4

affected

References

www.eaton.com/...ity/security-bulletins/etn-va-2025-1023.pdf

cve.org (CVE-2026-22614)

nvd.nist.gov (CVE-2026-22614)

Download JSON