CVE-2025-68133

low-risk

Published 2026-01-21

EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system's memory and cause the module to terminate by initiating an unlimited number of TCP connections that never proceed to ISO 15118-2 communication. This is possible because a new thread is started for each incoming plain TCP or TLS socket connection before any verification occurs, and the verification performed is too permissive. The EVerest processes and all its modules shut down, affecting all EVSE functionality. This issue is fixed in version 2025.10.0.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.4/10 High

ADJACENT_NETWORK / LOW complexity

Affected Products (1)

Everest

Affected Vendors

Linuxfoundation

References (3)

Patch https://github.com/EVerest/everest-core/commit/8127b8c54b296c4dd01b356ac26763f81...

Patch https://github.com/EVerest/everest-core/commit/de504f0c11069010d26767b0952739e9a...

Exploit https://github.com/EVerest/everest-core/security/advisories/GHSA-mv3w-pp85-5h7c

/ 100

low-risk

Severity 23/34 · High

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal