CVE-2025-68136
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-21

Last updated on: 2026-02-06

Assigner: GitHub, Inc.

Description
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like `Session`, `IConnection` which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, without closing and destroying the previous ones. Previous `Session` is not saved and the usage of an `unique_ptr` is lost, destroying connection data. Latter, if the used socket and therefore file descriptor is not the last one, it will lead to a null pointer dereference. Version 2025.10.0 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-21
Last Modified
2026-02-06
Generated
2026-06-16
AI Q&A
2026-01-21
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68136
EUVD
EUVD-2025-206318
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linuxfoundation everest to 2025.10.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-68136 is a high-severity vulnerability in the EVerest everest-core module related to improper session and resource management during ISO15118-20 communications. When the module receives an SDP request, it creates new Session and IConnection objects and opens new TCP sockets without properly closing or destroying the previous ones. This leads to resource leaks where multiple sockets remain open and registered callbacks accumulate without cleanup. Repeated SDP requests cause the system to open multiple listening sockets on the same port, exhausting file descriptors and causing memory errors. This can result in null pointer dereferences and crashes, leading to denial of service of the EVerest processes and all EVSE functionality. The issue is fixed in version 2025.10.0. [1]

Impact Analysis

This vulnerability can cause denial of service by crashing the EVerest processes and all related modules, which affects the Electric Vehicle Supply Equipment (EVSE) functionality. An attacker can exploit it by sending repeated SDP requests, causing the system to exhaust its file descriptor limit or trigger memory access violations, leading to system instability or shutdown. [1]

Detection Guidance

This vulnerability can be detected by monitoring for multiple open TCP sockets on the same port (port 50000) related to the EVerest everest-core module. Using commands like 'netstat' to check for multiple listening sockets on port 50000 can help identify the issue. Additionally, sending multiple SDP requests via IPv6 multicast and observing if the module opens multiple listening sockets or crashes can confirm the vulnerability. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade the EVerest everest-core module to version 2025.10.0 or later, where the issue is fixed by proper cleanup of previous sessions and file descriptors. Until the upgrade, limiting or blocking repeated SDP requests on the network or restricting access to the affected service port (50000) may reduce exploitation risk. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68136. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart