Database Exposure in Foreseer Reporting Software by Eaton
CVE-2025-22492

6.3MEDIUM

Key Information:

Vendor
Eaton
Status
Foreseer Reporting Software (frs)
Vendor
CVE Published:
28 February 2025

Summary

The Foreseer Reporting Software by Eaton contains a vulnerability that reveals the connection string for the FRSCore database to users with access rights. This exposure enables potential attackers to gain administrative access to the associated 4crXref database, posing significant security risks. Users are encouraged to upgrade to version 1.5.100 or later to eliminate this vulnerability and protect sensitive data.

Affected Version(s)

Foreseer Reporting Software (FRS) 0 < 1.5.100

References

https://www.eaton.com/content/dam/eaton/company/news-insi...

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-22492 : Database Exposure in Foreseer Reporting Software by Eaton | SecurityVulnerability.io