PT-2026-57340 · Hydro Québec · Le Circuit Electrique Charging Station Backend
Published
2026-07-10
·
Updated
2026-07-10
·
CVE-2026-44383
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Multiple connections to the backend using the same charging station ID
are allowed, which could allow an attacker to deploy multiple instances
of malicious OCPP clients to overwhelm the backend.
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Le Circuit Electrique Charging Station Backend