← Retour aux CVEs
CVE-2025-68134
HIGH7.4
Description
EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denial of service. In a context where a manager handles multiple EVSE, this would also impact other users. Version 2025.10.0 fixes the issue.
Details CVE
Score CVSS v3.17.4
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie1/21/2026
Derniere modification2/6/2026
Sourcenvd
Observations honeypot0
Produits affectes
linuxfoundation:everest
Faiblesses (CWE)
CWE-20
References
https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3(security-advisories@github.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.