Vulnerability Database

318,389

Total vulnerabilities in the database

CVE-2025-48396

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS (7.3.0.SCP004).

Published: Nov 3, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-48396
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

CWEs:

CWE-434

Affected Software
References

No affected software listed.

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2025-1021.pdf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo