Lucene search
+L

296 matches found

ICS
ICS
added 2026/02/26 7:0 a.m.7 views

Mobility46 mobility46.se

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/02/26 7:0 a.m.10 views

EV Energy ev.energy

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.8AI score
Exploits0References11
ICS
ICS
added 2026/02/26 7:0 a.m.9 views

Chargemap chargemap.com

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22219

Name of the Vulnerable Software and Affected Versions Systems utilizing WebSocket endpoints for Open Charge Point Protocol OCPP communications affected versions not specified Description WebSocket endpoints lack proper authentication mechanisms, allowing attackers to perform unauthorized station...

9.8CVSS6AI score0.00643EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.13 views

PT-2026-22218

Name of the Vulnerable Software and Affected Versions Versions prior to the fixed version affected versions not specified Description The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier...

7.5CVSS5.9AI score0.00324EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/02/03 9:18 a.m.18 views

CVE-2026-20401

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID...

7.5CVSS5.7AI score0.00676EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/02 8:14 a.m.34 views

CVE-2026-20402

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/02 8:14 a.m.6 views

EUVD-2026-5150

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

7.5CVSS5.7AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.5 views

CVE-2021-22773

A CWE-620: Unverified Password Change vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker...

6.5CVSS6.9AI score0.00833EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.8 views

(0Day) (Pwn2Own) Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 2000 by...

8.8CVSS7.5AI score0.00606EPSS
Exploits0
HackRead
HackRead
added 2026/01/07 12:2 p.m.6 views

Major Data Breach Hits Company Operating 150 Gas Stations in the US

Texas based Gulshan Management Services, operator of Handi Plus and Handi Stop gas stations, reports a data breach impacting over 377,000 people...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/25 12:0 a.m.5 views

When the Base Station Flies: Rethinking Security for UAV-Based 6G Networks

The integration of non-terrestrial networks NTNs into 6G systems is crucial for achieving seamless global coverage, particularly in underserved and disaster-prone regions. Among NTN platforms, unmanned aerial vehicles UAVs are especially promising due to their rapid deployability. However, this...

6.8AI score
Exploits0
CVE
CVE
added 2025/12/24 7:27 p.m.10 views

CVE-2018-25130

Beward Intercom 2.3.1 contains a local credential-disclosure vulnerability: usernames and passwords stored in plaintext in BEWARD.INTERCOM.FDB can be read by a local attacker, enabling unauthorized access to IP cameras and door stations. Root cause: credentials stored in an unencrypted database f...

6.8CVSS6AI score0.00129EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:27 p.m.3 views

CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database

Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized acces...

6.8CVSS6AI score0.00129EPSS
Exploits1References3
NCSC
NCSC
added 2025/12/02 1:25 p.m.20 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung mobile in Samsung mobile. The vulnerabilities are primarily related to improper input validation, which can result in system crashes and remote denial of service attacks via malicious base stations...

9.8CVSS7.8AI score0.00591EPSS
Exploits5References2
NVD
NVD
added 2025/12/02 3:16 a.m.8 views

CVE-2025-20792

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS0.0032EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 3:16 a.m.6 views

CVE-2025-20750

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

6.5CVSS0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.8 views

PT-2025-48612

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description A missing bounds check in Modem could lead to a system crash and remote denial of service. This can occur if a User Equipment UE connects to a rogue base station controlled by an attacker. No...

6.5CVSS6.5AI score0.00226EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/11/16 12:0 a.m.4 views

Cybersecurity of High-Altitude Platform Stations: Threat Taxonomy, Attacks and Defenses with Standards Mapping - DDoS Attack Use Case

High-Altitude Platform Stations HAPS are emerging stratospheric nodes within non-terrestrial networks. We provide a structured overview of HAPS subsystems and principal communication links, map cybersecurity and privacy exposure across communication, control, and power subsystems, and propose a...

6.8AI score
Exploits0
NVD
NVD
added 2025/11/15 12:15 a.m.8 views

CVE-2025-64307

The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes...

7.1CVSS0.00233EPSS
Exploits0References3
Rows per page
Query Builder