XCharge C6 Firmware Update Authenticity Validation Vulnerability Allowing Unauthorized Code Execution

Vulnerability

A vulnerability exists in the XCharge C6 charging controller's firmware update mechanism, which fails to properly validate the authenticity of firmware packages received through the device's management interface. This lack of cryptographic signature verification enables an attacker to intercept or impersonate the management channel and cause the device to install unauthorized firmware. Such an action could lead to the execution of unauthorized code with high privileges on the device.

Impact

Exploitation of this vulnerability could allow an attacker to execute unauthorized code with high privileges on the affected device.

Added: May 28, 2026, 9:13 PM

Updated: May 28, 2026, 9:13 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.2

remediation

0.0

relevance

9.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.2

remediation

0.0

relevance

9.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

XCharge C6 Firmware Update Authenticity Validation Vulnerability Allowing Unauthorized Code Execution

Vulnerability

Impact

Affected Products

XCharge C6

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating