A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging…
siemens·CWE-923·Published 2026-03-10
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). Affected devices contain improper access control that could allow an attacker to reach unauthorized services via the charging cable.
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). Affected devices contain improper access control that could allow an attacker to reach unauthorized services via the charging cable.
Se ha identificado una vulnerabilidad en la estación de carga de vehículos eléctricos Heliox Flex 180 kW (todas las versiones < F4.11.1), la estación de carga de vehículos eléctricos Heliox Mobile DC 40 kW (todas las versiones < L4.10.1). Los dispositivos afectados contienen un control de acceso inadecuado que podría permitir a un atacante acceder a servicios no autorizados a través del cable de carga.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 2.6 | — | — | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Primary | NVD | 2.6 | 0.9 | 1.4 | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Primary | cve.org | 2.6 | — | — | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
| 4.0 | Primary | cve.org | 2.4 | — | — | CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N |
| 4.0 | Primary | cve.org | 2.4 | — | — | CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N |
| 4.0 | Secondary | NVD | 2.4 | — | — | CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |