9 matches found
CVE-2025-68140
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message...
CVE-2025-68140 EVerest allows null session ID to bypass session ID verification
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message...
CVE-2025-68140 EVerest allows null session ID to bypass session ID verification
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message...
CVE-2025-68140
Summary: CVE-2025-68140 affects EVerest EV charging software stack prior to 2025.9.0, where an unregistered session can be assumed as 0, allowing unauthorized and anonymous indirect emission of MQTT messages and communication with V2G message handlers, potentially updating a session context. Tech...
PT-2026-3856
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message...
PT-2024-27469 · Everest · Everest
Name of the Vulnerable Software and Affected Versions: EVerest versions prior to 2024.3.1 EVerest versions prior to 2024.6.0 Description: EVerest is an EV charging software stack. An integer overflow in the v2g incoming v2gtp function in the v2g server.cpp implementation can allow a remote attack...
Are Vehicle to Grid spikes coming?
If you didn’t already know, I’m a massive fan of electric vehicles. One of the aspects that intrigues me is Vehicle to Grid V2G, the potential for our car batteries to store and release electricity to and from the grid, providing balance for the peaks and troughs of demand. It’s a part of what is...
OpenV2G 安全漏洞
The primary scope of the OpenV2G project is to provide an open source implementation of the latest draft of the ISO/IEC Vehicle-to-Grid Communication Interface V2G CI standard.A memory corruption vulnerability exists in Siemens OpenV2G due to a missing length check in the OpenV2G EXI parsing...
Siemens OpenV2G memory corruption vulnerability
The primary scope of the OpenV2G project is to provide an open source implementation of the latest draft of the ISO/IEC Vehicle-to-Grid Communication Interface V2G CI standard.A memory corruption vulnerability exists in Siemens OpenV2G due to a missing length check in the OpenV2G EXI parsing...