Monthly
Everest EV charging software prior to version 2025.9.0 contains an improper pointer arithmetic flaw in error handling where integer values are concatenated to strings, allowing local operators with high privileges to read sensitive memory regions including heap and stack data. Public exploit code exists for this vulnerability. The flaw requires user interaction and is resolved in version 2025.9.0, though patches remain unavailable for affected earlier versions.
Everest EV charging software prior to version 2025.9.0 contains an improper pointer arithmetic flaw in error handling where integer values are concatenated to strings, allowing local operators with high privileges to read sensitive memory regions including heap and stack data. Public exploit code exists for this vulnerability. The flaw requires user interaction and is resolved in version 2025.9.0, though patches remain unavailable for affected earlier versions.