Siemens OpenV2G
cpe:2.3:a:siemens:openv2g:*:*:*:*:*:*:*
- < 0.9.6
A buffer overflow vulnerability has been identified in OpenV2G versions prior to 0.9.6. The EXI parsing feature lacks a proper length check when handling X.509 serial numbers, so an attacker who can supply input to the parser may be able to corrupt memory.
Exploitation of this vulnerability can lead to memory corruption, which may be leveraged to execute arbitrary code or cause a denial-of-service condition.
Users are advised to update OpenV2G to version 0.9.6 or later. The latest version can be downloaded from the OpenV2G SourceForge release page.
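The kind of length check described above, as an added example (not OpenV2G's code): a length-prefixed field is copied into a fixed-size buffer only after the declared length has been validated against both the buffer capacity and the remaining input. The names `serial_t`, `read_uint` and `decode_serial`, the 20-octet capacity and the byte-aligned layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SERIAL_MAX 20  /* assumed capacity; RFC 5280 caps serials at 20 octets */

typedef struct { uint8_t bytes[SERIAL_MAX]; size_t len; } serial_t;

/* EXI-style unsigned integer: 7 data bits per octet, least significant
 * group first, high bit set when another octet follows. */
static int read_uint(const uint8_t *in, size_t in_len, size_t *pos, uint32_t *out)
{
    uint32_t value = 0;
    for (unsigned shift = 0; shift < 32; shift += 7) {
        if (*pos >= in_len)
            return -1;                    /* truncated input */
        uint8_t b = in[(*pos)++];
        if (shift == 28 && (b & 0x70))
            return -1;                    /* value would not fit in 32 bits */
        value |= (uint32_t)(b & 0x7F) << shift;
        if (!(b & 0x80)) {
            *out = value;
            return 0;
        }
    }
    return -1;                            /* too many continuation octets */
}

/* Decode a length-prefixed serial number (hypothetical layout).
 * Returns 0 on success, -1 on malformed or oversized input. */
int decode_serial(const uint8_t *in, size_t in_len, serial_t *out)
{
    size_t pos = 0;
    uint32_t len;

    if (read_uint(in, in_len, &pos, &len) != 0)
        return -1;
    if (len > SERIAL_MAX)                 /* the kind of check the advisory describes as missing */
        return -1;
    if (len > in_len - pos)               /* declared length exceeds remaining input */
        return -1;
    memcpy(out->bytes, in + pos, len);
    out->len = len;
    return 0;
}
```

Rejecting the input before the copy, rather than truncating it, keeps a malformed certificate field from being silently accepted.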