Primary

Context

Mennekes Smart/Premium Charging Systems Command Injection Vulnerability in SCU Firmware

Vulnerability

A command injection vulnerability has been identified in the SCU firmware update interface of Mennekes Smart and Premium charging stations, specifically in versions prior to 2.15. This vulnerability allows authenticated attackers to execute arbitrary OS commands by exploiting improper neutralization of command elements in certain fields.

Impact

Exploitation of this vulnerability allows for authenticated remote command execution on the affected charging station's operating system.

Remediation

Users are advised to update the firmware to version 2.15 or later. The latest firmware can be downloaded from the Mennekes Software Updates page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mennekes Smart/Premium Charging Systems Command Injection Vulnerability in SCU Firmware

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating