CVE-2025-68132

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-68132

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68132.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-68132

Aliases

GHSA-79gc-m8w6-9hx5

Published

2026-01-21T18:28:40.763Z

Modified

2026-03-13T03:42:37.711712Z

Severity

2.4 (Low) CVSS_V4 - CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver

Details

EVerest is an EV charging software stack. Prior to version 2025.12.0, is_message_crc_correct in the DZG_GSH01 powermeter SLIP parser reads vec[vec.size()-1] and vec[vec.size()-2] without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach is_message_crc_correct with vec.size() < 2 (only via the multi-message path), causing an out-of-bounds read before CRC verification and pop_back underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68132.json",
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/everest/everest-core

Affected ranges

Type

GIT

Repo

https://github.com/everest/everest-core

Events

Introduced

Fixed

227730cd01913f960df3e6f83fef128927a07bed

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2025.12.0"
        }
    ]
}

Affected versions

2022.*

2022.12.0

2022.12.1

2023.*

2023.1.0

2023.10.0

2023.12.0

2023.2.0

2023.2.1

2023.3.0

2023.5.0

2023.6.0

2023.7.0

2023.8.0

2023.9.0

2023.9.1

2024.*

2024.1.0

2024.10.0

2024.11.0

2024.2.0

2024.3.0-rc1

2024.4.0

2024.5.0

2024.6.0-rc1

2024.6.0-rc2

2024.7.0

2024.7.1

2024.8.0

2024.9.0-rc1

2025.*

2025.1.0-rc1

2025.1.0-rc2

2025.10.0

2025.2.0

2025.3.0

2025.4.0-rc1

2025.5.0

2025.6.0

2025.7.0

2025.7.0-rc1

2025.8.0

2025.9.0

Database specific

vanir_signatures

[
    {
        "target": {
            "function": "Charger::run_state_machine",
            "file": "modules/EVSE/EvseManager/Charger.cpp"
        },
        "id": "CVE-2025-68132-9f19b164",
        "digest": {
            "function_hash": "105791959420441360961467020136404249444",
            "length": 17735.0
        },
        "source": "https://github.com/everest/everest-core/commit/227730cd01913f960df3e6f83fef128927a07bed",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "modules/EVSE/EvseManager/Charger.cpp"
        },
        "id": "CVE-2025-68132-c16e428e",
        "digest": {
            "line_hashes": [
                "110216529751547046126947211302911956576",
                "186091680927816495345340104376671627738",
                "54993989512986692269835695775072838076",
                "114766109131830359881831328581278020720"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/everest/everest-core/commit/227730cd01913f960df3e6f83fef128927a07bed",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68132.json"