HIGHCVE-2026-22593CVSS 8.4

CVE-2026-22593: Everest-Core Buffer Overflow (≤2026.02.0)

Q: What is CVE-2026-22593 — Buffer Overflow in everest-core?

Everest Core is a software stack used in EV charging systems.

Q: Am I affected by CVE-2026-22593 in everest-core?

The update fixes a vulnerability that could allow an attacker to execute malicious code on the system.

Q: How do I fix CVE-2026-22593 in everest-core?

If you are using a version prior to 2026.02.0, you are vulnerable.

Q: Is CVE-2026-22593 being actively exploited?

Implement strict access controls to the certificate directory and monitor system logs.

Q: Where can I find the official everest-core advisory for CVE-2026-22593?

Consult official security sources for the latest information on vulnerabilities.

Platform

other

Component

everest-core

Fixed in

2026.02.0

AI Confidence: highNVDEPSS 0.0%Reviewed: Mar 2026

View on NVD

Save

CVE-2026-22593 is a stack-based buffer overflow vulnerability affecting EVerest's certificate filename handling. An off-by-one check can be exploited with a crafted filename, potentially leading to code execution. This impacts EVerest versions prior to 2026.02.0. Version 2026.02.0 addresses this vulnerability with a patch.

Impact and Attack Scenarios

CVE-2026-22593 in Everest Core, an EV charging software stack, presents a significant risk due to a stack-based buffer overflow. This flaw occurs when the software handles IsoMux certificate filenames. Specifically, an incorrect (off-by-one) check in filename handling allows a filename with a length exactly equal to MAXFILENAMELENGTH (100 characters) to overflow filenames[idx]. This corruption of the stack can lead to malicious code execution, compromising the security of the EV charging system. The severity of this vulnerability is rated at a CVSS score of 8.4, indicating a high risk.

Exploitation Context

An attacker could exploit this vulnerability by placing an IsoMux certificate file with a name of exactly 100 characters in the certificate directory of the Everest Core system. The filename is crafted to trigger the buffer overflow during certificate processing. If the system is vulnerable, this malicious file could allow the attacker to execute arbitrary code on the system, potentially compromising the integrity of the EV charging system and associated information. The difficulty of exploitation is relatively low, as it only requires placing a specific file in a controlled location. The need for access to the certificate directory is a limiting factor, but still represents a significant risk.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureLow

Reports1 threat report

EPSS

0.01% (1% percentile)

CISA SSVC

Exploitationpoc

Automatableno

Affected Software

Componenteverest-core

VendorEVerest

Affected rangeFixed in

< 2026.02.0 – < 2026.02.0—

Weakness Classification (CWE)

CWE-193

Timeline

Reserved2026-01-07
Published2026-03-26
Modified2026-03-28
EPSS updated2026-04-03

Mitigation and Workarounds

The solution to mitigate CVE-2026-22593 is to upgrade to version 2026.02.0 of Everest Core or later. This version includes a fix that addresses the incorrect check in filename handling, preventing the buffer overflow. It is strongly recommended to apply this update as soon as possible to protect EV charging systems from potential attacks. Additionally, review and strengthen security policies related to certificate management and user input validation to prevent similar vulnerabilities in the future. Monitoring system logs for suspicious activity is also a recommended practice.

How to fix

Actualice EVerest a la versión 2026.02.0 o posterior. Esta versión contiene una corrección para el desbordamiento de búfer basado en pila en el manejo de nombres de archivo de certificado IsoMux.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2026-22593 — Buffer Overflow in everest-core?