CVE-2026-27777
MEDIUMSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
AnalysisAI
Charging station authentication credentials are exposed through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain valid authentication identifiers. An attacker with these credentials could gain unauthorized access to charging station networks and potentially manipulate charging operations or access connected infrastructure. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-522 (Insufficiently Protected Credentials). Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
Affected ProductsAI
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-522 – Insufficiently Protected Credentials
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today