CVE-2024-37310
📋 TL;DR
An integer overflow vulnerability in EVerest EV charging software allows remote attackers to trigger heap overflow via the v2g_incoming_v2gtp function. This can potentially lead to remote code execution or denial of service. Organizations using EVerest for EV charging infrastructure are affected.
💻 Affected Systems
- EVerest EV charging software stack
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, allowing attacker to control EV charging infrastructure, manipulate charging sessions, or pivot to other network systems.
Likely Case
Denial of service causing EV charging stations to become unavailable, disrupting charging operations and potentially causing financial impact.
If Mitigated
Contained denial of service with minimal operational impact if proper network segmentation and monitoring are in place.
🎯 Exploit Status
Exploitation requires sending specially crafted V2GTP packets to the vulnerable service. No authentication is required to trigger the vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2024.3.1 or 2024.6.0
Vendor Advisory: https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96
Restart Required: Yes
Instructions:
1. Backup current configuration. 2. Update to EVerest version 2024.3.1 or 2024.6.0. 3. Restart the EVerest service. 4. Verify the update was successful.
🔧 Temporary Workarounds
Network segmentation
linuxRestrict network access to EVerest V2G service to only trusted networks
iptables -A INPUT -p tcp --dport [V2G_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [V2G_PORT] -j DROP
🧯 If You Can't Patch
- Implement strict network access controls to limit exposure to the V2G service
- Deploy intrusion detection systems to monitor for exploitation attempts
🔍 How to Verify
Check if Vulnerable:
Check EVerest version: grep -i version /path/to/everest/config or check running process versionCheck Version:
everest --version or check package manager (apt/dnf/yum) for installed versionVerify Fix Applied:
Verify version is 2024.3.1 or higher, or 2024.6.0 or higher. Test V2G functionality remains operational.📡 Detection & Monitoring
Log Indicators:
- Unexpected process crashes of everest-v2g-server
- Memory allocation errors in system logs
- Abnormal V2G packet sizes in application logs
Network Indicators:
- Unusually large V2GTP packets to port 15118
- Multiple connection attempts to V2G service from single source
SIEM Query:
source="everest.logs" AND ("segmentation fault" OR "heap overflow" OR "v2g_incoming_v2gtp")🔗 References
- https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e
- https://github.com/EVerest/everest-core/releases/tag/2024.3.1
- https://github.com/EVerest/everest-core/releases/tag/2024.6.0
- https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96
- https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e
- https://github.com/EVerest/everest-core/releases/tag/2024.3.1
- https://github.com/EVerest/everest-core/releases/tag/2024.6.0
- https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96
- https://plaxidityx.com/blog/automotive-cyber-security/ev-cyber-security-plaxidityx-discovers-critical-vulnerability-in-everest-open-source-ev-charging-firmware-stack-cve-2024-37310/
