The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption were insecurely stored, which could be abused to possibly change or remove the server configuration.
History

Tue, 26 Aug 2025 10:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-312

Fri, 13 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Eaton
Eaton foreseer Electrical Power Monitoring System
CPEs cpe:2.3:a:eaton:foreseer_electrical_power_monitoring_system:*:*:*:*:*:*:*:*
Vendors & Products Eaton
Eaton foreseer Electrical Power Monitoring System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 13 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
Description The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption were insecurely stored, which could be abused to possibly change or remove the server configuration.
Weaknesses CWE-522
References
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Eaton

Published:

Updated: 2025-08-26T10:22:22.285Z

Reserved: 2024-04-03T11:17:01.662Z

Link: CVE-2024-31415

cve-icon Vulnrichment

Updated: 2024-09-13T17:34:35.706Z

cve-icon NVD

Status : Modified

Published: 2024-09-13T17:15:11.907

Modified: 2025-08-26T11:15:30.467

Link: CVE-2024-31415

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.