CVE-2025-55705

EUVD-2026-4503
This vulnerability occurs when the system permits multiple simultaneous 
connections to the backend using the same charging station ID. This can 
result in unauthorized access, data inconsistency, or potential 
manipulation of charging sessions. The lack of proper session management
 and expiration control allows attackers to exploit this weakness by 
reusing valid charging station IDs to establish multiple sessions 
concurrently.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
icscertCNA
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
evmapaevmapa
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-08.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-08