CVE-2026-27649
Last modified
CVE-2026-27649 is a medium-severity vulnerability rated 6.9/10 on the CVSS scale. The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. EPSS estimates a 0.33% chance of exploitation in the next 30 days.
Description
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ctek | Charge Portal | All versions |
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-06Third Party Advisory, US Government Resource
- https://www.ctek.com/supportProduct
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-27649?
How severe is CVE-2026-27649?
How do I fix CVE-2026-27649?
Are you affected by CVE-2026-27649?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST