CVE-2026-22540 | THREATINT

Description

The massive sending of ARP requests causes a denial of service on one board of the charger that allows control of the EV interfaces. Since the board must be operating correctly for the charger to also function correctly.

PUBLISHED Reserved 2026-01-07 | Published 2026-01-07 | Updated 2026-01-07 | Assigner S21sec

CRITICAL: 9.2CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Problem types

CWE-400 Uncontrolled Resource Consumption

Product status

Default status

unaffected

affected

Credits

Aarón Flecha Menéndez finder

Iván Alonso Álvarez finder

Víctor Bello Cuevas finder

References

cds.thalesgroup.com/en

cve.org (CVE-2026-22540)

nvd.nist.gov (CVE-2026-22540)

Download JSON