CVE-2025-27575

5.3 MEDIUM

📋 TL;DR

An unauthenticated attacker can retrieve EV charger version information and firmware upgrade history by knowing the charger's identifier. This information disclosure vulnerability affects electric vehicle charging systems that expose this data without proper authentication controls.

💻 Affected Systems

Products:
  • EV charging systems
Versions: Specific versions not detailed in advisory
Operating Systems: Embedded systems/ICS devices
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where charger ID is known or guessable by attackers

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could map all EV chargers in a network, identify outdated firmware versions, and plan targeted attacks against known vulnerable systems.

🟠 Likely Case: Information gathering that enables reconnaissance for future attacks, potentially revealing system architecture and update patterns.

🟢 If Mitigated: Limited exposure of non-sensitive metadata with no direct path to compromise.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP request with known charger ID required

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific versions

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-04

Restart Required: Yes

Instructions:

1. Consult vendor advisory for affected products
2. Apply vendor-provided firmware updates
3. Restart charging systems after update

🔧 Temporary Workarounds

  • Network segmentation (all): Isolate EV charging systems from untrusted networks
  • Access control implementation (all): Implement authentication for charger information endpoints

🧯 If You Can't Patch

  • Segment EV charging network from internet and untrusted internal networks
  • Implement network monitoring for unauthorized access attempts to charger endpoints

🔍 How to Verify

Check if Vulnerable:

Test if unauthenticated requests to charger information endpoints return version/history data

Check Version:

Vendor-specific command; check device management interface

Verify Fix Applied:

Verify authentication is required for charger information endpoints after update

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated access to charger information endpoints
  • Multiple failed authentication attempts

Network Indicators:

  • Unusual HTTP requests to charger management interfaces
  • Reconnaissance patterns targeting charger IDs

SIEM Query:

source="ev_charger_logs" AND (event="unauthorized_access" OR event="information_disclosure")
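
Added example, not taken from the advisory or from any vendor: detection logic for the "reconnaissance patterns targeting charger IDs" indicator, flagging sources that read version or upgrade-history data without authentication across several distinct chargers. The JSON log schema (`src`, `charger_id`, `resource`, `auth`), the resource names and the threshold are assumptions; the sample events are constructed.

```python
import json
from collections import defaultdict

# Constructed sample events in a hypothetical JSON-lines schema.
SAMPLE_LOG = """\
{"ts": "2025-04-15T10:00:01Z", "src": "198.51.100.7", "charger_id": "CH-0001", "resource": "version", "auth": false}
{"ts": "2025-04-15T10:00:02Z", "src": "198.51.100.7", "charger_id": "CH-0002", "resource": "version", "auth": false}
{"ts": "2025-04-15T10:00:03Z", "src": "198.51.100.7", "charger_id": "CH-0003", "resource": "upgrade_history", "auth": false}
{"ts": "2025-04-15T10:00:04Z", "src": "198.51.100.7", "charger_id": "CH-0004", "resource": "upgrade_history", "auth": false}
{"ts": "2025-04-15T10:01:00Z", "src": "10.20.0.5", "charger_id": "CH-0001", "resource": "version", "auth": true}
{"ts": "2025-04-15T10:01:01Z", "src": "10.20.0.5", "charger_id": "CH-0002", "resource": "version", "auth": true}
{"ts": "2025-04-15T10:01:02Z", "src": "10.20.0.5", "charger_id": "CH-0003", "resource": "version", "auth": true}
{"ts": "2025-04-15T10:02:00Z", "src": "203.0.113.9", "charger_id": "CH-0002", "resource": "version", "auth": false}
{"ts": "2025-04-15T10:02:05Z", "src": "203.0.113.9", "charger_id": "CH-0002", "resource": "version", "auth": false}
this line is truncated {"ts":
"""

# Resources named in the advisory summary: version info and upgrade history.
INFO_RESOURCES = {"version", "upgrade_history"}


def find_unauth_enumeration(lines, min_distinct_ids=3):
    """Return {src: sorted charger IDs} for sources that read charger
    information without authentication for many distinct chargers."""
    seen = defaultdict(set)
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the scan
        # Only unauthenticated reads of the disclosed data are of interest.
        if ev.get("resource") in INFO_RESOURCES and ev.get("auth") is False:
            seen[ev.get("src")].add(ev.get("charger_id"))
    # Repeated reads of one charger do not count; distinct IDs do.
    return {src: sorted(ids) for src, ids in seen.items()
            if len(ids) >= min_distinct_ids}


if __name__ == "__main__":
    for src, ids in find_unauth_enumeration(SAMPLE_LOG.splitlines()).items():
        print(f"{src}: unauthenticated info reads for {len(ids)} chargers: {ids}")
```

After patching, the same scan doubles as a fix check: no unauthenticated read of these resources should appear at all, so running it with `min_distinct_ids=1` should return an empty result.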
