Improper Access Control in Heliox EV Charging Stations
CVE-2025-27769

2.4LOW

Key Information:

Vendor

Siemens
Status
Heliox Flex 180 Kw Ev Charging Station
Heliox Mobile Dc 40 Kw Ev Charging Station
Vendor
CVE Published:
10 March 2026

What is CVE-2025-27769?

A significant vulnerability has been identified in the Heliox Flex 180 kW and Mobile DC 40 kW EV Charging Stations that arises from improper access control mechanisms. This flaw enables potential attackers to exploit the charging cable to gain unauthorized access to sensitive services within the devices. Users of these charging stations should take immediate precautions to secure their systems against exploitation, particularly those operating versions before specified updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Heliox Flex 180 kW EV Charging Station 0

Heliox Mobile DC 40 kW EV Charging Station 0

References

https://cert-portal.siemens.com/productcert/html/ssa-1263...

CVSS V4

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.