PT-2023-31423 · Dalmann · Ocpp.Core

Gaetano Coppoletta · Published 2023-12-07 · Updated 2023-12-13 · CVE-2023-49957

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Dalmann OCPP.Core versions prior to 1.3.0

Description: An issue was discovered in Dalmann OCPP.Core for OCPP (Open Charge Point Protocol) for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing errors.

Recommendations: For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the same connectorId and idTag for multiple transactions to minimize the risk of exploitation.
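
The check and audit implied by the description and workaround above, as an added example that is not code from OCPP.Core or from this advisory: a guard that answers ConcurrentTx when the same connectorId and idTag already have a running transaction, and a scan of stored records for pairs that slipped through. The class, function and field names are hypothetical, the records are constructed, and the status strings "Accepted" and "ConcurrentTx" are assumed from OCPP 1.6.

```python
# Added illustration; class and function names are hypothetical, not OCPP.Core's API.
from itertools import count


class ConnectorLedger:
    """Open transactions of one charge point."""

    def __init__(self):
        self.open_tx = {}  # transactionId -> (connectorId, idTag)
        self._ids = count(1)

    def start(self, connector_id, id_tag):
        """StartTransaction: return (status, transactionId or None)."""
        # Guard: a connectorId/idTag pair with a running transaction
        # must not open a second one.
        if (connector_id, id_tag) in self.open_tx.values():
            return ("ConcurrentTx", None)
        tx_id = next(self._ids)
        self.open_tx[tx_id] = (connector_id, id_tag)
        return ("Accepted", tx_id)

    def stop(self, tx_id):
        """StopTransaction: close the transaction; unknown ids are ignored."""
        self.open_tx.pop(tx_id, None)


def find_overlaps(records):
    """Audit stored records: pairs of transactionIds that share connectorId
    and idTag and overlap in time (stop=None means still open)."""
    groups = {}
    for r in records:
        groups.setdefault((r["connectorId"], r["idTag"]), []).append(r)
    hits = []
    for group in groups.values():
        group.sort(key=lambda r: r["start"])
        for i, a in enumerate(group):
            a_stop = float("inf") if a["stop"] is None else a["stop"]
            hits += [(a["id"], b["id"]) for b in group[i + 1:] if b["start"] < a_stop]
    return hits


# Constructed sample records; times are epoch seconds.
SAMPLE = [
    {"id": 1, "connectorId": 1, "idTag": "TAG-A", "start": 100, "stop": 200},
    {"id": 2, "connectorId": 1, "idTag": "TAG-A", "start": 150, "stop": 300},
    {"id": 3, "connectorId": 1, "idTag": "TAG-A", "start": 400, "stop": None},
    {"id": 4, "connectorId": 2, "idTag": "TAG-A", "start": 160, "stop": None},
    {"id": 5, "connectorId": 1, "idTag": "TAG-B", "start": 120, "stop": 180},
]
```

Running find_overlaps over exported transaction data from a pre-1.3.0 deployment points at the sessions whose billing needs manual review.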

Related Identifiers: CVE-2023-49957

Affected Products: Ocpp.Core