PT-2026-33257 · Eaton · Intelligent Power Protector
Published
2026-04-16
·
Updated
2026-04-16
·
CVE-2026-22616
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Eaton Intelligent Power Protector (IPP) (affected versions not specified)
Description
Eaton Intelligent Power Protector (IPP) software contains insufficient rate-limiting controls on the web interface login page, allowing repeated authentication attempts. This issue has been actively exploited by attackers to brute force web authentication and compromise systems globally.
Recommendations
Update to the latest version of Eaton IPP available on the Eaton download centre.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intelligent Power Protector