{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T12:48:35.109","vulnerabilities":[{"cve":{"id":"CVE-2026-22613","sourceIdentifier":"CybersecurityCOE@eaton.com","published":"2026-02-09T06:16:24.360","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton \n\nNetwork M3\n\n which is available on the Eaton download center."},{"lang":"es","value":"El mecanismo de verificación de identidad del servidor para la actualización del firmware realizada a través del shell de comandos está implementado de forma insegura, lo que podría permitir a un atacante realizar un ataque man-in-the-middle. Este problema de seguridad ha sido solucionado en la última versión del firmware de Eaton Network M3, que está disponible en el centro de descargas de Eaton."}],"metrics":{"cvssMetricV31":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.9,"impactScore":4.7}]},"weaknesses":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"references":[{"url":"https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1002.pdf","source":"CybersecurityCOE@eaton.com"}]}}]}