{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33015", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-17T17:22:14.666Z", "datePublished": "2026-03-26T16:42:50.695Z", "dateUpdated": "2026-03-26T17:35:07.268Z"}, "containers": {"cna": {"title": "EVerest has RemoteStop Bypass via BCB Toggle Session Restart", "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc"}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"version": "< 2026.02.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:42:50.695Z"}, "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to `PrepareCharging` via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operational/billing/safety controls. Version 2026.02.0 contains a patch."}], "source": {"advisory": "GHSA-pw9q-2287-cchc", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:35:04.423385Z", "id": "CVE-2026-33015", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:35:07.268Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33015", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T17:35:04.423385Z"}}}], "references": [{"url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:34:59.421Z"}}], "cna": {"title": "EVerest has RemoteStop Bypass via BCB Toggle Session Restart", "source": {"advisory": "GHSA-pw9q-2287-cchc", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"status": "affected", "version": "< 2026.02.0"}]}], "references": [{"url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc", "name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to `PrepareCharging` via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operational/billing/safety controls. Version 2026.02.0 contains a patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:42:50.695Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33015", "state": "PUBLISHED", "dateUpdated": "2026-03-26T17:35:07.268Z", "dateReserved": "2026-03-17T17:22:14.666Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T16:42:50.695Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linuxfoundation:everest:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB167E67-6808-4F7B-9505-FFF0C02B288C", "versionEndExcluding": "2026.02.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to `PrepareCharging` via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operational/billing/safety controls. Version 2026.02.0 contains a patch."}, {"lang": "es", "value": "EVerest es una pila de software de carga de veh\u00edculos el\u00e9ctricos. Antes de la versi\u00f3n 2026.02.0, incluso inmediatamente despu\u00e9s de que el CSMS realice un RemoteStop (StopTransaction), el EVSE puede volver a 'PrepareCharging' a trav\u00e9s del interruptor BCB del VE, permitiendo el reinicio de la sesi\u00f3n. Esto rompe la irreversibilidad de la parada remota y puede eludir los controles operativos/de facturaci\u00f3n/de seguridad. La versi\u00f3n 2026.02.0 contiene un parche."}], "id": "CVE-2026-33015", "lastModified": "2026-03-31T14:20:51.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-26T17:16:38.130", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.02.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "everest-core", "source": "cna", "vendor": "EVerest"}, "product": "everest-core", "vendor": "everest"}], "analysis": {"en": {"generated_at": "2026-03-31T15:29:46.823517+00:00", "value": {"mitigation_remediation": ["Upgrade the EVerest software to version 2026.02.0 or later. ", "Verify that all charging stations are running the patched version. ", "Monitor charging logs for unexpected session restarts or billing anomalies."], "summary": {"action": "Apply Patch", "impact": "Remote stop irreversibility bypass"}, "threat_synthesis": {"affected_systems": "This problem affects the EVerest core software stack, used in electric vehicle charging stations. The issue is present in releases older than version 2026.02.0; any deployment of the 2026.01.x or earlier series is vulnerable. The software is distributed by the Linux Foundation under the EVerest project.", "description_and_impact": "The flaw exists in the EV charging software stack EVerest. A RemoteStop operation issued by a CSMS should permanently terminate a charging session. However, before version 2026.02.0, an EVSE can trigger a BCB toggle immediately after the stop, causing the system to transition back to PrepareCharging. This action forcibly restarts the session, effectively bypassing the intended security, billing, and safety controls. The outcome is that a charging session can be resumed even after a remote stop, undermining transaction integrity.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 5.2, indicating a moderate risk level. With an EPSS score under 1\u202f%, exploitation is unlikely to be widespread at present, and it is not known to be featured in the CISA KEV catalog. Exploitation requires the ability to toggle the BCB on the EVSE immediately after a RemoteStop has been issued; the analysis infers this to be a local or device\u2011side action rather than a remote network exploit. Because it forces the session back into the charging state, a user or attacker who can control the EVSE could resume billing. Yet, to trigger the flaw an attacker must already have physical or local access to the charging equipment, a condition that limits the overall attack reach. The severity remains moderate, but any deployment operating with earlier releases should be patched to eliminate the ability to restart a terminated session."}}}}, "created": "2026-03-27T08:33:44.789526+00:00", "updated": "2026-03-31T20:08:46.357938+00:00", "vendors": ["everest", "everest$PRODUCT$everest-core"]}