
Comment by pm90

8 hours ago

The bigger issue that nobody seems to have addressed is how a single developer could have a machine that only he had access to that could run this code with admin privileges over their Active Directory. Eaton should immediately explain what kinds of safeguards it has instituted to prevent this from happening again. If I were the CEO I would be thanking this person for having revealed this kind of access control vulnerability.

Yes, and this is especially concerning because Eaton makes IoT devices. Imagine the damage a disgruntled employee could do by deploying malicious code to devices on millions of consumers' networks. A company of this size, with this large of a blast radius, should be highly diligent about internal threats.

You would be amazed how often this happens.

I regularly see orgs with orphan machines running that no one understands or wants to touch.

Why do you think he had admin access to Active Directory?

Regardless, it should be pretty obvious that if an attacker gains RCE, they can do a lot.

  • He could prevent logins of other people. That means a rather high level of access.