CVE-2026-9037

Name of the Vulnerable Software and Affected Versions Charging controller (affected versions not specified)

Description A firmware update mechanism fails to validate the authenticity of firmware packages delivered through the device's management interface. Due to the lack of cryptographic signature verification, an attacker capable of interfering with or impersonating the management channel can force the installation of an unauthorized firmware package, potentially leading to the execution of unauthorized code with high privileges on the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.