CVE-2025-55705
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-02-12
Assigner: ICS-CERT
Description
Description
This vulnerability occurs when the system permits multiple simultaneous
connections to the backend using the same charging station ID. This can
result in unauthorized access, data inconsistency, or potential
manipulation of charging sessions. The lack of proper session management
and expiration control allows attackers to exploit this weakness by
reusing valid charging station IDs to establish multiple sessions
concurrently.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| evmapa | evmapa | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-613 | According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs because the system allows multiple simultaneous connections to the backend using the same charging station ID. This happens due to improper session management and lack of session expiration control, enabling attackers to reuse valid charging station IDs to create multiple concurrent sessions.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access, data inconsistency, and potential manipulation of charging sessions, which may disrupt normal operations and compromise data integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70