CNNVD-202601-4331 Information

CNNVD ID

CNNVD-202601-4331

Related CVE

CVE-2026-24003

• CNNVD Published: 2026-01-26

Description (Chinese)

EVerest是EVerest开源的一个电动汽车充电桩的固件。 EVerest 2025.12.1及之前版本存在安全漏洞，该漏洞源于可绕过序列状态验证和身份验证，可能导致向当前状态发送非法状态转换请求。

Description (English)

EVerest is a solid piece of an electric vehicle charger from the EVerest open source. The EVerest 2025.12.1 and previous versions contain a security loophole, which stems from the ability to bypass serial status and authentication, which may lead to the sending of an illegal status conversion request to the current state.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

EVerest

Published

2026-01-26

Last Modified

2026-02-24

References

https://github.com/EVerest/everest-core/blob/main/modules/EVSE/EvseV2G/iso_server.cpp#L44 https://github.com/EVerest/everest-core/security/advisories/GHSA-9vv5-67cv-9crq