{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T11:04:33.332","vulnerabilities":[{"cve":{"id":"CVE-2025-55705","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-01-22T23:15:50.137","lastModified":"2026-06-17T09:42:05.733","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability occurs when the system permits multiple simultaneous \nconnections to the backend using the same charging station ID. This can \nresult in unauthorized access, data inconsistency, or potential \nmanipulation of charging sessions. The lack of proper session management\n and expiration control allows attackers to exploit this weakness by \nreusing valid charging station IDs to establish multiple sessions \nconcurrently."},{"lang":"es","value":"Esta vulnerabilidad ocurre cuando el sistema permite múltiples conexiones simultáneas al backend utilizando el mismo ID de estación de carga. Esto puede resultar en acceso no autorizado, inconsistencia de datos o manipulación potencial de las sesiones de carga. La falta de una gestión de sesión y control de expiración adecuados permite a los atacantes explotar esta debilidad reutilizando IDs válidos de estaciones de carga para establecer múltiples sesiones concurrentemente."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"EVMAPA","product":"EVMAPA","defaultStatus":"unaffected","versions":[{"version":"All versions","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-23T20:10:35.019479Z","id":"CVE-2025-55705","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:evmapa:evmapa:*:*:*:*:*:*:*:*","matchCriteriaId":"8C85ACDB-38D2-4466-9206-529F45F4720E"}]}]}],"references":[{"url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-08.json","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-08","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]}]}}]}