Autel MaxiCharger AC Wallbox Commercial Buffer Overflow Remote Code Execution Vulnerability

Vulnerability

A buffer overflow vulnerability allowing remote code execution has been identified in the Autel MaxiCharger AC Wallbox Commercial EV chargers. This issue arises from improper validation of the length of user-supplied data in USB frame packets, enabling physically present attackers to execute arbitrary code on the device. No authentication is required for exploitation.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device.

Remediation

The vulnerability has been fixed in the American Standard version 1.39.51 and European Standard version 1.56.51.

Added: Jun 25, 2025, 6:43 PM
Updated: Jun 25, 2025, 6:43 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 3.3
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.