IPP
by Eaton
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-59889 | Hig | 0.56 | 8.6 | 0.00 | Oct 14, 2025 | Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of IPP which is available on the Eaton download… | ||
| CVE-2022-33862 | Med | 0.44 | 6.7 | 0.00 | Nov 25, 2024 | IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead attackers to identify and access vulnerable systems. | ||
| CVE-2022-33861 | Med | 0.33 | 5.1 | 0.00 | Nov 25, 2024 | IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a way that causes it to accept invalid data. | ||
| CVE-2024-28952 | 0.00 | — | 0.00 | Nov 13, 2024 | Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2024-28887 | 0.00 | — | 0.00 | Aug 14, 2024 | Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-0001 | 0.00 | — | 0.00 | Jun 9, 2021 | Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access. |
- risk 0.56cvss 8.6epss 0.00
Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of IPP which is available on the Eaton download…
- risk 0.44cvss 6.7epss 0.00
IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead attackers to identify and access vulnerable systems.
- risk 0.33cvss 5.1epss 0.00
IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a way that causes it to accept invalid data.
- CVE-2024-28952Nov 13, 2024risk 0.00cvss —epss 0.00
Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2024-28887Aug 14, 2024risk 0.00cvss —epss 0.00
Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2021-0001Jun 9, 2021risk 0.00cvss —epss 0.00
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.