CVE-2026-22617

Name of the Vulnerable Software and Affected Versions Eaton Intelligent Power Protector (IPP) (affected versions not specified)

Description An insecure cookie configuration allows a network-based attacker to intercept the cookie and exploit it through a man-in-the-middle attack, which is a technique where an attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

Recommendations Update to the latest version of Eaton IPP software available on the Eaton download centre.