CVE-2026-27770
MEDIUMSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
AnalysisAI
Charging station authentication credentials are exposed through public web-based mapping platforms, allowing unauthenticated remote attackers to obtain sensitive authentication identifiers. This exposure enables attackers to potentially gain unauthorized access to charging infrastructure and associated systems. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-522 (Insufficiently Protected Credentials). Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
Affected ProductsAI
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-522 – Insufficiently Protected Credentials
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today