PT-2026-28328 · Everest · Everest

Finder16

Publicado

2026-03-26

Atualizado

2026-03-29

CVE-2026-22790

CVSS v3.1

8.8

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0

Description EVerest is an EV charging software stack. Prior to version 2026.02.0, the HomeplugMessage::setup payload function trusts the len variable after an assert check. In release builds, this check is removed, allowing oversized SLAC payloads to be copied into a roughly 1497-byte stack buffer via memcpy. This buffer overflow corrupts the stack, potentially enabling remote code execution from network-provided frames. The vulnerable function is HomeplugMessage::setup payload. The len variable is a vulnerable parameter.

Recommendations Versions prior to 2026.02.0 should be updated to version 2026.02.0 or later.

Exploit

Correção

Stack Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121

Identificadores relacionados

CVE-2026-22790

GHSA-WH8W-7CFC-GQ7M

Produtos afetados

Everest

PT-2026-28328 · Everest · Everest

CVE-2026-22790

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7