CVE-2025-52263 in Artemis AC Charger 7-22 kW
Summary
by MITRE • 10/27/2025
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 10/28/2025
The vulnerability identified as CVE-2025-52263 resides within the Web Configuration module of the Startcharge Artemis AC Charger 7-22 kW version 1.0.4, representing a critical security flaw that exposes the device to authenticated network-adjacent attackers. This issue stems from inadequate input validation and insufficient firmware upload restrictions within the web interface, creating a pathway for malicious actors to escalate their privileges and execute arbitrary code on the affected device. The vulnerability specifically targets the firmware update mechanism, which should normally require strict authentication and validation processes to prevent unauthorized modifications.
The technical flaw manifests through the absence of proper file type checking and content validation during firmware upload operations. An authenticated attacker who has access to the network segment containing the charger can exploit this weakness by crafting malicious firmware images that bypass the intended security controls. This vulnerability falls under the CWE-434 category of Unrestricted Upload of File with Dangerous Type, which is a well-documented weakness that allows attackers to upload executable files or scripts that can be executed within the target system context. The lack of proper access controls and validation mechanisms creates a direct path to code execution, enabling the attacker to gain full control over the device's operational capabilities.
The operational impact of this vulnerability extends beyond simple unauthorized access, as it provides attackers with complete control over the charging infrastructure. An attacker who successfully exploits this vulnerability can modify the firmware to redirect charging operations, alter security parameters, or even create backdoors for persistent access. This poses significant risks to the charging network, potentially allowing for service disruption, unauthorized energy consumption, or manipulation of charging data. The vulnerability affects the integrity and availability of the charging service, as attackers can modify the device behavior without detection. The compromised device could be used as a pivot point for further attacks within the network infrastructure, particularly in environments where charging stations are connected to critical systems or where they serve as part of a larger smart grid ecosystem.
Mitigation strategies for CVE-2025-52263 should focus on implementing robust access controls and input validation mechanisms within the web configuration interface. Network segmentation and firewall rules should be enforced to limit access to the charging infrastructure, ensuring that only authorized personnel can interact with the device configuration. The firmware upload process must be enhanced with strict file type validation, content verification, and digital signature checking to prevent unauthorized modifications. Organizations should also implement network monitoring solutions to detect unusual traffic patterns or unauthorized firmware updates that could indicate exploitation attempts. Regular firmware updates and security patches should be applied promptly to address known vulnerabilities, while also implementing secure coding practices that prevent similar issues from occurring in future versions. The implementation of principle of least privilege access controls and multi-factor authentication for administrative access can significantly reduce the risk of exploitation, aligning with the ATT&CK framework's mitigation recommendations for credential access and execution techniques.