ev2go.io Charging System Vulnerabilities Advisory (CVE-2026-24731 et al.) ICSA-26-057-04

Critical Vulnerability Information Summary Publication Date: February 26, 2026 Alert Code: ICSA-26-057-04 Related Topics: Industrial Control System Vulnerabilities, Industrial Control Systems Successful exploitation of these vulnerabilities may allow attackers to impersonate charging stations, hijack charging sessions, suppress or mislead legitimate traffic to cause large-scale denial of service, and manipulate data sent to backend systems. Affected Versions Affected Versions: ev2go.io vers:all/ (CVE-2026-24731, CVE-2026-25945, CVE-2026-20895, CVE-2026-22890) CVSS Score CVSS v3: 9.4 Vulnerability Details CVE-2026-24731: Missing authentication for critical functions, overly restricted authentication attempts, insufficient session expiration, and inadequately protected credentials. CVE-2026-25945 CVE-2026-20895 CVE-2026-22890 Background Critical Infrastructure Sectors: Energy, Transportation Systems Deployment Countries/Regions: Global Company Headquarters Location: United Kingdom Recommended Actions Minimize the network exposure of all control system devices and/or systems, ensuring they are not accessible via the Internet. Place control system networks and remote devices behind firewalls and isolate them from corporate networks. When remote access is required, use more secure methods such as Virtual Private Networks (VPNs), and keep them updated to the latest versions; however, be aware that VPNs may have vulnerabilities and are only as secure as the connected devices. Deploy defensive measures after conducting appropriate impact analysis and risk assessment. Implement recommended cybersecurity strategies to proactively defend ICS assets. Legal Disclaimer and Terms of Use This product is provided subject to this notice and the Privacy and Terms of Use. Revision History Initial Publication Date: February 26, 2026 Tags Sectors: Energy Sector, Transportation Systems Sector Topics**: Industrial Control System Vulnerabilities, Industrial Control Systems

Goal Reached Thanks to every supporter — we hit 100%!

ev2go.io Charging System Vulnerabilities Advisory (CVE-2026-24731 et al.) ICSA-26-057-04

More from this source