CVE-2026-33015
EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop
EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to PrepareCharging via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operational/billing/safety controls.
Version 2026.02.0 contains a patch.
MEDIUM · CVSS 5.2
EPSS 0.0001
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0