CVE-2025-68135 – This vulnerability in EVerest EV charging softw... (How to Fix)

Q: What is the severity of CVE-2025-68135?

CVE-2025-68135 has a CVSS score of 6.5 (MEDIUM). This vulnerability in EVerest EV charging software allows unhandled C++ exceptions in the TbdController loop to cause silent termination of the controller and its caller. This leads to denial of service for SDP and ISO15118-20 servers, affecting all EV charging stations running vulnerable EVerest versions.

📋 TL;DR

This vulnerability in EVerest EV charging software allows unhandled C++ exceptions in the TbdController loop to cause silent termination of the controller and its caller. This leads to denial of service for SDP and ISO15118-20 servers, affecting all EV charging stations running vulnerable EVerest versions.

💻 Affected Systems

Products:

EVerest EV charging software stack

Versions: All versions prior to 2025.10.0

Operating Systems: Linux-based systems running EVerest

Default Config Vulnerable: ⚠️ Yes

Notes: Affects all deployments using the vulnerable TbdController component for SDP and ISO15118-20 server functionality.

📦 What is this software?

Everest by Linuxfoundation

View all CVEs affecting Everest →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete disruption of EV charging services at affected stations, preventing vehicles from charging and potentially causing cascading failures in charging networks.

🟠

Likely Case

Intermittent charging service outages at individual stations when exceptions are triggered, requiring manual restart of affected components.

🟢

If Mitigated

Minimal impact with proper monitoring and automated restart mechanisms in place to detect and recover from component failures.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires triggering C++ exceptions in the TbdController loop, which could occur through malformed network packets or unexpected system conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2025.10.0

Vendor Advisory: https://github.com/EVerest/everest-core/security/advisories/GHSA-g7mm-r6qp-96vh

Restart Required: Yes

Instructions:

1. Backup current configuration. 2. Update EVerest to version 2025.10.0 or later. 3. Restart all EVerest services. 4. Verify functionality of charging services.

🔧 Temporary Workarounds

Implement external monitoring and restart

linux

Deploy external monitoring to detect TbdController failures and automatically restart the service

# Example systemd service restart on failure
[Service]
Restart=on-failure
RestartSec=5s

🧯 If You Can't Patch

Implement network segmentation to isolate charging infrastructure from untrusted networks
Deploy rate limiting and input validation at network perimeter to filter malformed packets

🔍 How to Verify

Check if Vulnerable:

Check EVerest version with: everest --version or examine installed package version

Check Version:

everest --version

Verify Fix Applied:

Verify version is 2025.10.0 or later and test SDP/ISO15118-20 server functionality under stress conditions

📡 Detection & Monitoring

Log Indicators:

Unexpected termination of TbdController process
C++ exception stack traces in logs
SDP/ISO15118-20 service failures

Network Indicators:

Sudden drop in charging station network traffic
Failed ISO15118-20 handshakes

SIEM Query:

process_name:"TbdController" AND event_type:"process_termination"

📊 Metadata

CVE ID: CVE-2025-68135

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-703

EPSS Score: 0.02% exploit probability (4.8th percentile)

Published: January 21, 2026

Last Updated: February 6, 2026

🔗 References

https://github.com/EVerest/everest-core/security/advisories/GHSA-g7mm-r6qp-96vh Exploit,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-68135, you might also want to check these: