Improper Quotation Vulnerability in Eaton UPS Companion Software Installer
CVE-2025-59888

6.7MEDIUM

Key Information:

Vendor: Eaton
Status: Ups Companion Software
Vendor: CVE Published:; 26 December 2025

What is CVE-2025-59888?

The Eaton UPS Companion software installer has a security flaw stemming from improper quotation in its search paths. This vulnerability could allow an attacker with file system access to execute arbitrary code, potentially compromising the system's security. The issue has been addressed in the latest update available at the Eaton download center.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

UPS Companion software 0 < 3.0

References

https://www.eaton.com/content/dam/eaton/company/news-insi...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 26, 2025
Vulnerability Reserved
Sep 23, 2025

JSON

Eaton

What is CVE-2025-59888?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.