Primary

Context

Ev2Go Charging Stations Insufficiently Protected Authentication Identifiers Vulnerability

Vulnerability

A vulnerability exists in Ev2Go charging stations, allowing authentication identifiers to be publicly accessed through web-based mapping platforms. This issue could enable attackers to impersonate charging stations, hijack sessions, misroute legitimate traffic, causing a large-scale denial-of-service, and manipulate data sent to the backend. The vulnerability affects all versions of the Ev2Go service.

Impact

Exploitation of this vulnerability could allow for the impersonation of charging stations, hijacking of sessions, suppression or misrouting of legitimate traffic, leading to a large-scale denial-of-service, and manipulation of data sent to the backend.

Remediation

Ev2Go did not respond to CISA's request for coordination. Contact Ev2Go using their contact page for more information.

Added: Feb 27, 2026, 12:28 AM

Updated: Feb 27, 2026, 12:28 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ev2Go Charging Stations Insufficiently Protected Authentication Identifiers Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating