CVE-2025-5828 in MaxiCharger AC Wallbox Commercial情報

要約

〜によって MITRE • 2025年06月25日

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of USB frame packets. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26328.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

予約する

2025年06月06日

公開

2025年06月25日

モデレーション

承諾済み

エントリ

VDB-312343

CPE

準備完了

CWE

CWE-120 (確認済み)

CVSS

6.8 (CNA)

EPSS

0.00217

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-5828
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-5828
CVE Details	https://www.cvedetails.com/cve/CVE-2025-5828/

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!