Plateforme
other
Composant
everest-core
Corrigé dans
2025.12.2
CVE-2026-24003 describes an authentication bypass vulnerability discovered in Everest-Core, an EV charging software stack. This flaw allows attackers to circumvent sequence state verification, potentially manipulating the charging process and injecting illegitimate data. The vulnerability affects versions up to 2025.12.1, and a patch is available in version 2025.12.2.
Successful exploitation of CVE-2026-24003 could allow an attacker to manipulate the EV charging process without proper authentication. This could lead to unauthorized charging sessions, potentially incurring costs for the legitimate user or the charging station operator. The attacker could also potentially alter the charging parameters, leading to safety concerns or damage to the electric vehicle. While the description notes limitations preventing transitions out of the WaitingForAuthentication state, the ability to bypass authentication and manipulate state transitions represents a significant security risk.
CVE-2026-24003 was publicly disclosed on January 26, 2026. The vulnerability's impact stems from the ability to bypass authentication, a common attack vector in charging infrastructure. There is currently no indication of active exploitation or inclusion in the CISA KEV catalog. Public proof-of-concept code is not yet available.
Organizations and individuals deploying Everest-Core for EV charging infrastructure are at risk. This includes EV charging station operators, fleet managers, and users of electric vehicles who rely on these charging stations. Legacy deployments using older versions of Everest-Core are particularly vulnerable.
• linux / server: Monitor ISO 15118-2 communication logs for unexpected state transitions or authentication attempts. Use journalctl -f to observe real-time log activity.
journalctl -f | grep "state_transition" | grep "authentication"• generic web: Monitor network traffic for unusual ISO 15118-2 requests. Use curl to test the charging endpoint and observe the response headers and body for signs of manipulation.
curl -v https://<everest-core-endpoint>/iso15118disclosure
Statut de l'Exploit
EPSS
0.23% (percentile 45%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2026-24003 is to upgrade Everest-Core to version 2025.12.2 or later, which includes the fix for this vulnerability. If an immediate upgrade is not possible, consider implementing stricter access controls and monitoring charging sessions for suspicious activity. While specific WAF rules or proxy configurations are not detailed, monitoring for unusual ISO 15118-2 communication patterns could provide an early warning of potential exploitation attempts. After upgrading, verify the fix by attempting to initiate a charging session without proper authentication and confirming that the state verification is enforced.
Mettre à jour vers une version ultérieure à 2025.12.1 lorsque celle-ci sera disponible. Aucune version corrigée n'est actuellement disponible. Surveiller le référentiel EVerest pour les mises à jour et appliquer le correctif de sécurité dès sa publication.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2026-24003 is a medium-severity vulnerability in Everest-Core versions up to 2025.12.1 that allows attackers to bypass authentication and manipulate charging states.
You are affected if you are using Everest-Core version 2025.12.1 or earlier. Upgrade to version 2025.12.2 or later to mitigate the risk.
Upgrade Everest-Core to version 2025.12.2 or later. If immediate upgrade is not possible, implement stricter access controls and monitor charging sessions.
There is currently no indication of active exploitation of CVE-2026-24003.
Refer to the official Everest-Core documentation and security advisories for the latest information regarding CVE-2026-24003.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.