CVE-2025-68140

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-68140
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68140.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68140
Aliases
  • GHSA-w385-3jwp-x47x
Published
2026-01-21T19:54:51.285Z
Modified
2026-03-13T03:42:37.863432Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
EVerest allows null session ID to bypass session ID verification
Details

EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verified, it is checked whether the submitted session ID matches the registered one. However, if no session has been registered, the default value is 0. Therefore, a message submitted with a session ID of 0 is accepted, as it matches the registered value. This could allow unauthorized and anonymous indirect emission of MQTT messages and communication with V2G messages handlers, updating a session context. Version 2025.9.0 fixes the issue.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68140.json",
    "cwe_ids": [
        "CWE-863"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/everest/everest-core

Affected ranges

Type
GIT
Repo
https://github.com/everest/everest-core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3beacf9bd5efe1109ff53f58a40f68582bfe99b3
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2025.9.0"
        }
    ]
}

Affected versions

2022.*
2022.12.0
2022.12.1
2023.*
2023.1.0
2023.10.0
2023.12.0
2023.2.0
2023.2.1
2023.3.0
2023.5.0
2023.6.0
2023.7.0
2023.8.0
2023.9.0
2023.9.1
2024.*
2024.1.0
2024.10.0
2024.11.0
2024.2.0
2024.3.0-rc1
2024.4.0
2024.5.0
2024.6.0-rc1
2024.6.0-rc2
2024.7.0
2024.7.1
2024.8.0
2024.9.0-rc1
2025.*
2025.1.0-rc1
2025.1.0-rc2
2025.2.0
2025.3.0
2025.4.0-rc1
2025.5.0
2025.6.0
2025.7.0
2025.7.0-rc1
2025.8.0

Database specific

vanir_signatures 
[
    {
        "target": {
            "file": "modules/EVSE/EvseV2G/iso_server.cpp"
        },
        "id": "CVE-2025-68140-2f94828d",
        "digest": {
            "line_hashes": [
                "296119331210643435140494467430923056486",
                "20506104951866321960682041981156319326",
                "311595452720942138235191909965388625444",
                "22838778776198764978922933138584840790",
                "323258132419722979082553799862765548682"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/everest/everest-core/commit/3beacf9bd5efe1109ff53f58a40f68582bfe99b3",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "function": "handle_iso_session_setup",
            "file": "modules/EVSE/EvseV2G/iso_server.cpp"
        },
        "id": "CVE-2025-68140-6362e428",
        "digest": {
            "function_hash": "86176860166003917812351517793015906318",
            "length": 2170.0
        },
        "source": "https://github.com/everest/everest-core/commit/3beacf9bd5efe1109ff53f58a40f68582bfe99b3",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68140.json"