Severity by source
AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a firmware image before using it to perform an upgrade. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26354.
AnalysisAI
CVE-2025-5825 is a firmware downgrade remote code execution vulnerability in Autel MaxiCharger AC Wallbox Commercial charging stations that allows network-adjacent attackers with Bluetooth pairing capability to execute arbitrary code by uploading a malicious firmware image without proper validation. The vulnerability has a CVSS score of 7.5 (High) with high confidentiality, integrity, and availability impact, though exploitation requires prior Bluetooth device pairing. This is a ZDI-coordinated disclosure (ZDI-CAN-26354) affecting commercial charging infrastructure.
Technical ContextAI
The vulnerability exists in the firmware update mechanism of Autel MaxiCharger AC Wallbox Commercial units, a popular commercial EV charging station platform. The root cause is classified under CWE-1328 (Inadequate Implementation of Security Features in Firmware), specifically the lack of cryptographic signature verification or integrity validation before applying firmware updates. The attack vector is Adjacent Network (AV:A), indicating the attacker must first establish Bluetooth connectivity to the device—a pairing requirement that represents a significant prerequisite. The firmware update process accepts and applies untrusted firmware images without proper authentication, allowing an attacker who has paired a malicious Bluetooth device to downgrade or replace the firmware with a compromised version containing arbitrary code execution payloads.
RemediationAI
Immediate remediation steps: (1) Apply firmware updates from Autel addressing CVE-2025-5825 once released—monitor Autel's official security advisories for patched firmware versions; (2) Interim mitigations include disabling Bluetooth pairing on units where not operationally required, implementing network segmentation to isolate charging station management interfaces, and restricting Bluetooth device pairing to authorized personnel only; (3) Review Bluetooth pairing logs and revoke any unauthorized paired devices; (4) If available, implement signed firmware update verification at the network level before devices receive updates; (5) Coordinate with Autel support for patch availability timelines and staged deployment procedures for commercial fleets. Workarounds may include air-gapping management access, disabling remote firmware update capabilities if local update remains available, and physical security controls around charging stations to prevent unauthorized Bluetooth device proximity.
CVE-2025-5830 is a heap-based buffer overflow vulnerability in Autel MaxiCharger AC Wallbox Commercial EV chargers affec
CVE-2025-5827 is a stack-based buffer overflow vulnerability in the ble_process_esp32_msg function of Autel MaxiCharger
CVE-2025-5822 is a privilege escalation vulnerability in the Autel MaxiCharger AC Wallbox Commercial Technician API that
CVE-2025-6678 is an unauthenticated remote information disclosure vulnerability in Autel MaxiCharger AC Wallbox Commerci
CVE-2025-5824 is an authentication bypass vulnerability in Autel MaxiCharger AC Wallbox Commercial that allows network-a
Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This
Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability
Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. Thi
CVE-2025-5826 is a security vulnerability (CVSS 6.3) that allows network-adjacent attackers. Remediation should follow s
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-28667