Excessive Backend Connections Vulnerability in Charging Station Systems
CVE-2026-44383

8.7HIGH

What is CVE-2026-44383?

This vulnerability allows multiple simultaneous connections to the backend via the same charging station ID. This flaw can be exploited by attackers to launch multiple malicious OCPP client instances, potentially overwhelming the backend infrastructure. As a result, the integrity and availability of the charging station's services could be compromised, making this a significant concern for system operators.

Affected Version(s)

Le Circuit Electrique charging station backend 0

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

An anonymous researcher reported this vulnerability to CISA
.