CVE-2025-24003HIGH 8.2EPSS p26.0%

CVE-2025-24003CVE-2025-24003

Description

An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.

Scoring

CVSS 3.18.2 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS0.34% probability of exploitation · percentile 26.0% · 2026-06-18T12:00:27Z
Published2025-07-08
Last modified2025-07-11

Underlying weaknesses· 1

CWE-120

References

  1. https://certvde.com/en/advisories/VDE-2025-014

1

TypeTargetConfidenceTier
WeaknessBuffer Copy without Checking Size of Input ('Classic Buffer Overflow')cwe-1200%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-25192
CVE
CVE-2026-22552
CVE
CVE-2026-26051
CVE
CVE-2026-27028
CVE
CVE-2026-20781
CVE
CVE-2026-25114
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.