EV Energy ev.energy
Act Now | 9.4 | ICS-CERT ICSA-26-057-07 | Feb 26, 2026
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
EV Energy charging stations contain multiple authentication and authorization flaws (CWE-306, CWE-307, CWE-613, CWE-522) that could allow unauthenticated remote attackers to gain administrative control. All versions are affected. The vendor has not responded to coordination requests and no fix is currently available.
What this means
What could happen
An attacker could gain administrative control of EV charging stations, allowing them to disable charging service, alter billing records, or access customer data. This could disrupt energy delivery to fleet operators and municipalities that depend on these chargers.
Who's at risk
Municipal and utility electric operations, fleet charging networks, and energy operators who deploy EV Energy charging stations. This affects any organization relying on these stations for EV fleet management or public charging infrastructure.
How it could be exploited
An attacker with network access to an EV Energy charging station could exploit authentication and authorization flaws (CWE-306, CWE-307) combined with weak credential storage (CWE-522) to bypass login controls and gain administrative access without valid credentials.
Prerequisites
- Network access to the charging station management interface (port and protocol unknown—check your network documentation)
- No valid credentials required
remotely exploitable, no authentication required, low complexity, no patch available, affects charging infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
ev.energy: vers:all/* | All versions | No fix (EOL)
Remediation & Mitigation
Do now
- HOTFIX: Contact EV Energy at https://www.ev.energy/en-us to request information on available patches, hotfixes, or interim mitigations
- HARDENING: Isolate affected EV charging stations on a separate network segment or VLAN with restricted access from untrusted networks
- WORKAROUND: Implement firewall rules to restrict administrative access to charging station management interfaces to authorized workstations only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Monitor charging station logs for unauthorized login attempts, administrative changes, or denial-of-service activity