CVE-2026-27770

Received Received - Intake

Exposure of Charging Station Authentication Identifiers via Web Mapping

Publication date: 2026-03-06

Last updated on: 2026-03-06

Assigner: ICS-CERT

Description

Charging station authentication identifiers are publicly accessible via web-based mapping platforms.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-03-06

Last Modified

2026-03-06

Generated

2026-06-16

AI Q&A

2026-03-06

EPSS Evaluated

2026-06-14

NVD

CVE-2026-27770

EUVD

EUVD-2026-9942

Affected Vendors & Products

Vendor	Product	Version / Range
epower	charging_stations	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-522	The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Attack-Flow Graph

Mitigation Strategies

I don't know

Executive Summary

This vulnerability involves charging station authentication identifiers being publicly accessible through web-based mapping platforms.

Impact Analysis

Because authentication identifiers for charging stations are publicly accessible, unauthorized parties could potentially use this information to impersonate legitimate users or gain unauthorized access to charging stations. This could lead to misuse or disruption of charging services.

Compliance Impact

I don't know

Detection Guidance

I don't know

Hi! I’m here to help you understand CVE-2026-27770. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2026-27770

Exposure of Charging Station Authentication Identifiers via Web Mapping

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart