Search criteria
15 vulnerabilities by everest
CVE-2025-68141 (GCVE-0-2025-68141)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:56 – Updated: 2026-01-22 16:50
VLAI?
Title
EVerest vulnerable to null pointer dereference during DC_ChargeLoopRes document deserialization
Summary
EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a `DC_ChargeLoopRes` message that includes Receipt as well as TaxCosts, the vector `<DetailedTax>tax_costs` in the target `Receipt` structure is accessed out of bounds. This occurs in the method `template <> void convert(const struct iso20_dc_DetailedTaxType& in, datatypes::DetailedTax& out)` which leads to a null pointer dereference and causes the module to terminate. The EVerest processes and all its modules shut down, affecting all EVSE. Version 2025.10.0 fixes the issue.
Severity ?
7.4 (High)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T15:09:40.467662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T16:50:38.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a `DC_ChargeLoopRes` message that includes Receipt as well as TaxCosts, the vector `\u003cDetailedTax\u003etax_costs` in the target `Receipt` structure is accessed out of bounds. This occurs in the method `template \u003c\u003e void convert(const struct iso20_dc_DetailedTaxType\u0026 in, datatypes::DetailedTax\u0026 out)` which leads to a null pointer dereference and causes the module to terminate. The EVerest processes and all its modules shut down, affecting all EVSE. Version 2025.10.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:56:14.482Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-ph4w-r9q8-vm9h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-ph4w-r9q8-vm9h"
}
],
"source": {
"advisory": "GHSA-ph4w-r9q8-vm9h",
"discovery": "UNKNOWN"
},
"title": "EVerest vulnerable to null pointer dereference during DC_ChargeLoopRes document deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68141",
"datePublished": "2026-01-21T19:56:14.482Z",
"dateReserved": "2025-12-15T18:15:08.404Z",
"dateUpdated": "2026-01-22T16:50:38.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68140 (GCVE-0-2025-68140)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:54 – Updated: 2026-01-22 16:50
VLAI?
Title
EVerest allows null session ID to bypass session ID verification
Summary
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message submitted with a session ID of 0 is accepted, as it matches the registered value. This could allow unauthorized and anonymous indirect emission of MQTT messages and communication with V2G messages handlers, updating a session context. Version 2025.9.0 fixes the issue.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.9.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T15:09:42.755758Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T16:50:45.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message submitted with a session ID of 0 is accepted, as it matches the registered value. This could allow unauthorized and anonymous indirect emission of MQTT messages and communication with V2G messages handlers, updating a session context. Version 2025.9.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:54:51.285Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-w385-3jwp-x47x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-w385-3jwp-x47x"
}
],
"source": {
"advisory": "GHSA-w385-3jwp-x47x",
"discovery": "UNKNOWN"
},
"title": "EVerest allows null session ID to bypass session ID verification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68140",
"datePublished": "2026-01-21T19:54:51.285Z",
"dateReserved": "2025-12-15T18:15:08.404Z",
"dateUpdated": "2026-01-22T16:50:45.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68139 (GCVE-0-2025-68139)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:36 – Updated: 2026-01-22 16:50
VLAI?
Title
In EVerest, by default, the EV is responsible for closing the connection if the module encounters an error during request processing
Summary
EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for `terminate_connection_on_failed_response` is `False`, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the module are logged but do not trigger countermeasures such as session and connection reset or termination. This could be abused by a malicious user in order to exploit other weaknesses or vulnerabilities. While the default will stay at the setting that is described as potentially problematic in this reported issue, a mitigation is available by changing the `terminate_connection_on_failed_response` setting to `true`. However this cannot be set to this value by default since it can trigger errors in vehicle ECUs requiring ECU resets and lengthy unavailability in charging for vehicles. The maintainers judge this to be a much more important workaround then short-term unavailability of an EVSE, therefore this setting will stay at the current value.
Severity ?
4.3 (Medium)
CWE
- CWE-384 - Session Fixation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
<= 2025.12.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T15:09:46.284258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T16:50:50.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c= 2025.12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for `terminate_connection_on_failed_response` is `False`, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the module are logged but do not trigger countermeasures such as session and connection reset or termination. This could be abused by a malicious user in order to exploit other weaknesses or vulnerabilities. While the default will stay at the setting that is described as potentially problematic in this reported issue, a mitigation is available by changing the `terminate_connection_on_failed_response` setting to `true`. However this cannot be set to this value by default since it can trigger errors in vehicle ECUs requiring ECU resets and lengthy unavailability in charging for vehicles. The maintainers judge this to be a much more important workaround then short-term unavailability of an EVSE, therefore this setting will stay at the current value."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:36:36.127Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-wqh4-pj54-6xv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-wqh4-pj54-6xv9"
}
],
"source": {
"advisory": "GHSA-wqh4-pj54-6xv9",
"discovery": "UNKNOWN"
},
"title": "In EVerest, by default, the EV is responsible for closing the connection if the module encounters an error during request processing"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68139",
"datePublished": "2026-01-21T19:36:36.127Z",
"dateReserved": "2025-12-15T18:15:08.403Z",
"dateUpdated": "2026-01-22T16:50:50.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68138 (GCVE-0-2025-68138)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:30 – Updated: 2026-01-22 21:56
VLAI?
Title
EVerest affected by memory exhaustion in libocpp
Summary
EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potentially causing memory exhaustion and denial of service. Version 0.30.1 fixes the issue.
Severity ?
4.7 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
libocpp < 0.30.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T21:56:15.275981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T21:56:29.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "libocpp \u003c 0.30.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potentially causing memory exhaustion and denial of service. Version 0.30.1 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:30:49.196Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-f8c2-44c3-7v55",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-f8c2-44c3-7v55"
},
{
"name": "https://github.com/EVerest/libocpp/blob/89c7b62ec899db637f43b54f19af2c4af30cfa66/lib/ocpp/common/websocket/websocket_libwebsockets.cpp",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/libocpp/blob/89c7b62ec899db637f43b54f19af2c4af30cfa66/lib/ocpp/common/websocket/websocket_libwebsockets.cpp"
}
],
"source": {
"advisory": "GHSA-f8c2-44c3-7v55",
"discovery": "UNKNOWN"
},
"title": "EVerest affected by memory exhaustion in libocpp"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68138",
"datePublished": "2026-01-21T19:30:49.196Z",
"dateReserved": "2025-12-15T18:09:12.695Z",
"dateUpdated": "2026-01-22T21:56:29.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23955 (GCVE-0-2026-23955)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:25 – Updated: 2026-01-21 19:53
VLAI?
Title
EVerest vulnerable to concatenation of strings literal and integers
Summary
EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue.
Severity ?
4.2 (Medium)
CWE
- CWE-1046 - Creation of Immutable Text Using String Concatenation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.9.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23955",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:53:45.367515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:53:57.098Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1046",
"description": "CWE-1046: Creation of Immutable Text Using String Concatenation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:25:12.104Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff"
}
],
"source": {
"advisory": "GHSA-px57-jx97-hrff",
"discovery": "UNKNOWN"
},
"title": "EVerest vulnerable to concatenation of strings literal and integers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-23955",
"datePublished": "2026-01-21T19:25:12.104Z",
"dateReserved": "2026-01-19T14:49:06.312Z",
"dateUpdated": "2026-01-21T19:53:57.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68137 (GCVE-0-2025-68137)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:20 – Updated: 2026-01-21 19:51
VLAI?
Title
EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop
Summary
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtracted by the header length which results in a negative value. This value is then interpreted as `SIZE_MAX` (or slightly less) because the expected type of the argument is `size_t`. Depending on whether the server is plain TCP or TLS, this leads to either an infinite loop or a stack buffer overflow. Version 2025.10.0 fixes the issue.
Severity ?
8.4 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68137",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:51:05.581714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:51:26.058Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtracted by the header length which results in a negative value. This value is then interpreted as `SIZE_MAX` (or slightly less) because the expected type of the argument is `size_t`. Depending on whether the server is plain TCP or TLS, this leads to either an infinite loop or a stack buffer overflow. Version 2025.10.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:20:09.059Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-7qq4-q9r8-wc7w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-7qq4-q9r8-wc7w"
}
],
"source": {
"advisory": "GHSA-7qq4-q9r8-wc7w",
"discovery": "UNKNOWN"
},
"title": "EVerest\u0027s Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68137",
"datePublished": "2026-01-21T19:20:09.059Z",
"dateReserved": "2025-12-15T18:09:12.694Z",
"dateUpdated": "2026-01-21T19:51:26.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68136 (GCVE-0-2025-68136)
Vulnerability from cvelistv5 – Published: 2026-01-21 19:18 – Updated: 2026-01-21 19:47
VLAI?
Title
EVerest's inadequate session handling can lead to memory-related errors or exhaustion of the operating system’s file descriptors, resulting in a denial of service
Summary
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like `Session`, `IConnection` which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, without closing and destroying the previous ones. Previous `Session` is not saved and the usage of an `unique_ptr` is lost, destroying connection data. Latter, if the used socket and therefore file descriptor is not the last one, it will lead to a null pointer dereference. Version 2025.10.0 fixes the issue.
Severity ?
7.4 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68136",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:46:18.038066Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:47:04.055Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like `Session`, `IConnection` which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, without closing and destroying the previous ones. Previous `Session` is not saved and the usage of an `unique_ptr` is lost, destroying connection data. Latter, if the used socket and therefore file descriptor is not the last one, it will lead to a null pointer dereference. Version 2025.10.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:18:21.068Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-4h8h-x5cp-g22r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-4h8h-x5cp-g22r"
}
],
"source": {
"advisory": "GHSA-4h8h-x5cp-g22r",
"discovery": "UNKNOWN"
},
"title": "EVerest\u0027s inadequate session handling can lead to memory-related errors or exhaustion of the operating system\u2019s file descriptors, resulting in a denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68136",
"datePublished": "2026-01-21T19:18:21.068Z",
"dateReserved": "2025-12-15T18:09:12.694Z",
"dateUpdated": "2026-01-21T19:47:04.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68135 (GCVE-0-2025-68135)
Vulnerability from cvelistv5 – Published: 2026-01-21 18:56 – Updated: 2026-01-21 19:17
VLAI?
Title
EVerest's inadequate exception handling leads to denial of service
Summary
EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the `TbdController` loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers. Version 2025.10.0 fixes the issue.
Severity ?
6.5 (Medium)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68135",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:09:26.076401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:10:30.524Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the `TbdController` loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers. Version 2025.10.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:17:21.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-g7mm-r6qp-96vh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-g7mm-r6qp-96vh"
}
],
"source": {
"advisory": "GHSA-g7mm-r6qp-96vh",
"discovery": "UNKNOWN"
},
"title": "EVerest\u0027s inadequate exception handling leads to denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68135",
"datePublished": "2026-01-21T18:56:05.970Z",
"dateReserved": "2025-12-15T18:09:12.694Z",
"dateUpdated": "2026-01-21T19:17:21.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68134 (GCVE-0-2025-68134)
Vulnerability from cvelistv5 – Published: 2026-01-21 18:32 – Updated: 2026-01-21 19:03
VLAI?
Title
EVerest's use of assert functions can potentially lead to denial of service
Summary
EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denial of service. In a context where a manager handles multiple EVSE, this would also impact other users. Version 2025.10.0 fixes the issue.
Severity ?
7.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68134",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:03:31.722493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:03:47.370Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denial of service. In a context where a manager handles multiple EVSE, this would also impact other users. Version 2025.10.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T18:55:39.089Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3"
}
],
"source": {
"advisory": "GHSA-cxc5-rrj5-8pf3",
"discovery": "UNKNOWN"
},
"title": "EVerest\u0027s use of assert functions can potentially lead to denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68134",
"datePublished": "2026-01-21T18:32:13.882Z",
"dateReserved": "2025-12-15T18:09:12.694Z",
"dateUpdated": "2026-01-21T19:03:47.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68132 (GCVE-0-2025-68132)
Vulnerability from cvelistv5 – Published: 2026-01-21 18:28 – Updated: 2026-01-21 19:06
VLAI?
Title
EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver
Summary
EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() < 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.12.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68132",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:05:29.573743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:06:48.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() \u003c 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 2.4,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T18:28:40.763Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-79gc-m8w6-9hx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-79gc-m8w6-9hx5"
},
{
"name": "https://github.com/EVerest/everest-core/commit/b8139b95144e3fe0082789b7fafe4e532ee494a1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/commit/b8139b95144e3fe0082789b7fafe4e532ee494a1"
}
],
"source": {
"advisory": "GHSA-79gc-m8w6-9hx5",
"discovery": "UNKNOWN"
},
"title": "EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68132",
"datePublished": "2026-01-21T18:28:40.763Z",
"dateReserved": "2025-12-15T18:05:52.211Z",
"dateUpdated": "2026-01-21T19:06:48.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68133 (GCVE-0-2025-68133)
Vulnerability from cvelistv5 – Published: 2026-01-21 02:25 – Updated: 2026-01-21 15:09
VLAI?
Title
EVerest's unlimited connections can lead to DoS through operating system resource exhaustion
Summary
EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system's memory and cause the module to terminate by initiating an unlimited number of TCP connections that never proceed to ISO 15118-2 communication. This is possible because a new thread is started for each incoming plain TCP or TLS socket connection before any verification occurs, and the verification performed is too permissive. The EVerest processes and all its modules shut down, affecting all EVSE functionality. This issue is fixed in version 2025.10.0.
Severity ?
7.4 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.10.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68133",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T14:59:00.507249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T15:09:48.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system\u0027s memory and cause the module to terminate by initiating an unlimited number of TCP connections that never proceed to ISO 15118-2 communication. This is possible because a new thread is started for each incoming plain TCP or TLS socket connection before any verification occurs, and the verification performed is too permissive. The EVerest processes and all its modules shut down, affecting all EVSE functionality. This issue is fixed in version 2025.10.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T02:25:03.085Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-mv3w-pp85-5h7c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-mv3w-pp85-5h7c"
},
{
"name": "https://github.com/EVerest/everest-core/commit/8127b8c54b296c4dd01b356ac26763f81f76a8fd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/commit/8127b8c54b296c4dd01b356ac26763f81f76a8fd"
},
{
"name": "https://github.com/EVerest/everest-core/commit/de504f0c11069010d26767b0952739e9a400cef3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/commit/de504f0c11069010d26767b0952739e9a400cef3"
}
],
"source": {
"advisory": "GHSA-mv3w-pp85-5h7c",
"discovery": "UNKNOWN"
},
"title": "EVerest\u0027s unlimited connections can lead to DoS through operating system resource exhaustion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68133",
"datePublished": "2026-01-21T02:25:03.085Z",
"dateReserved": "2025-12-15T18:05:52.211Z",
"dateUpdated": "2026-01-21T15:09:48.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59398 (GCVE-0-2025-59398)
Vulnerability from cvelistv5 – Published: 2025-09-15 00:00 – Updated: 2025-09-15 18:39
VLAI?
Summary
The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.
Severity ?
CWE
- CWE-392 - Missing Report of Error Condition
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59398",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T18:39:23.442145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T18:39:57.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libocpp",
"vendor": "EVerest",
"versions": [
{
"lessThan": "0.26.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString\u003c255\u003e object is created with StringTooLarge set to Throw."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-392",
"description": "CWE-392 Missing Report of Error Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T18:15:26.361Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/EVerest/everest-core/issues/1152"
},
{
"url": "https://github.com/EVerest/everest-core/commit/253432ae7458ad0445f68f9d716086090c2be49c"
},
{
"url": "https://github.com/EVerest/libocpp/compare/v0.26.1...v0.26.2"
},
{
"url": "https://github.com/EVerest/libocpp/commit/fb391b4ff16a0a07150e5a8eebf0856fb6623cbe"
},
{
"url": "https://github.com/EVerest/libocpp/pull/1052"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59398",
"datePublished": "2025-09-15T00:00:00.000Z",
"dateReserved": "2025-09-15T00:00:00.000Z",
"dateUpdated": "2025-09-15T18:39:57.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59399 (GCVE-0-2025-59399)
Vulnerability from cvelistv5 – Published: 2025-09-15 00:00 – Updated: 2025-09-15 18:36
VLAI?
Summary
libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation.
Severity ?
CWE
- CWE-460 - Improper Cleanup on Thrown Exception
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59399",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T18:36:27.188566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T18:36:54.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libocpp",
"vendor": "EVerest",
"versions": [
{
"lessThan": "0.28.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-460",
"description": "CWE-460 Improper Cleanup on Thrown Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T18:17:21.220Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/EVerest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878"
},
{
"url": "https://github.com/EVerest/libocpp/compare/v0.27.1...v0.28.0"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59399",
"datePublished": "2025-09-15T00:00:00.000Z",
"dateReserved": "2025-09-15T00:00:00.000Z",
"dateUpdated": "2025-09-15T18:36:54.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37310 (GCVE-0-2024-37310)
Vulnerability from cvelistv5 – Published: 2024-07-10 19:39 – Updated: 2024-12-16 00:57
VLAI?
Title
EVerest has an integer overflow in the "v2g_incoming_v2gtp" function
Summary
EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.
Severity ?
9.1 (Critical)
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2024.3.1
Affected: >= 2024.4.0, < 2024.6.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:everest:everest-core:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "everest-core",
"vendor": "everest",
"versions": [
{
"lessThan": "2024.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37310",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T14:40:06.465515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T14:42:39.160Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-16T00:57:23.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://plaxidityx.com/blog/automotive-cyber-security/ev-cyber-security-plaxidityx-discovers-critical-vulnerability-in-everest-open-source-ev-charging-firmware-stack-cve-2024-37310/"
},
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96"
},
{
"name": "https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e"
},
{
"name": "https://github.com/EVerest/everest-core/releases/tag/2024.3.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/EVerest/everest-core/releases/tag/2024.3.1"
},
{
"name": "https://github.com/EVerest/everest-core/releases/tag/2024.6.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/EVerest/everest-core/releases/tag/2024.6.0"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2024.3.1"
},
{
"status": "affected",
"version": "\u003e= 2024.4.0, \u003c 2024.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. An integer overflow in the \"v2g_incoming_v2gtp\" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process\u0027 heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T19:39:36.860Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96"
},
{
"name": "https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e"
},
{
"name": "https://github.com/EVerest/everest-core/releases/tag/2024.3.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/releases/tag/2024.3.1"
},
{
"name": "https://github.com/EVerest/everest-core/releases/tag/2024.6.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/releases/tag/2024.6.0"
}
],
"source": {
"advisory": "GHSA-8g9q-7qr9-vc96",
"discovery": "UNKNOWN"
},
"title": "EVerest has an integer overflow in the \"v2g_incoming_v2gtp\" function "
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-37310",
"datePublished": "2024-07-10T19:39:36.860Z",
"dateReserved": "2024-06-05T20:10:46.498Z",
"dateUpdated": "2024-12-16T00:57:23.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6454 (GCVE-0-2015-6454)
Vulnerability from cvelistv5 – Published: 2015-09-25 01:00 – Updated: 2024-08-06 07:22
VLAI?
Summary
Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a denial of service (incorrect pointer dereference and daemon crash) via a crafted packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:22:21.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-232-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a denial of service (incorrect pointer dereference and daemon crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-09-25T03:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-232-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a denial of service (incorrect pointer dereference and daemon crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-232-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-232-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6454",
"datePublished": "2015-09-25T01:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:22:21.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}