CVE-2026-22540
📋 TL;DR
This vulnerability allows attackers to cause a denial of service on electric vehicle charger control boards by flooding them with ARP requests. When exploited, this prevents the charger from functioning properly. This affects electric vehicle charging systems using vulnerable control boards.
💻 Affected Systems
- Thales EV charger control boards
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete charger failure preventing EV charging, potentially disrupting charging infrastructure and causing operational impacts at charging stations.
Likely Case
Temporary charger unavailability requiring manual reset or maintenance intervention to restore functionality.
If Mitigated
Minimal impact with proper network segmentation and ARP request rate limiting in place.
🎯 Exploit Status
ARP flooding is a well-known network attack technique requiring only network access to the target segment.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not specified
Vendor Advisory: https://cds.thalesgroup.com/en
Restart Required: No
Instructions:
Check Thales advisory for specific firmware updates. Apply any available patches following vendor instructions.
🔧 Temporary Workarounds
Network Segmentation
all: Isolate charger control networks from general network traffic
ARP Rate Limiting
all: Configure network devices to limit ARP request rates
🧯 If You Can't Patch
- Implement strict network segmentation to isolate charger control networks
- Deploy network monitoring and intrusion detection for ARP flooding patterns
🔍 How to Verify
Check if Vulnerable:
Check if charger control board is on a network segment accessible to potential attackers and lacks ARP flood protection
Check Version:
Consult Thales documentation for board firmware version checking procedures
Verify Fix Applied:
Test ARP request handling after implementing network controls or patches
📡 Detection & Monitoring
Log Indicators:
- Unusual ARP traffic volume
- Charger board reset events
- Network interface errors
Network Indicators:
- High volume of ARP requests to charger IP addresses
- Unusual ARP broadcast traffic
SIEM Query:
source_ip=* AND protocol=arp AND packet_count>1000 WITHIN 1 MINUTE
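The threshold in the query above, applied to raw frames with a sliding window, as an added example (not vendor or NVD code). The function names, charger addresses and sample traffic are constructed assumptions; requests are counted per target charger IP rather than per sender, because the sender fields in an ARP frame can be forged.

```python
import struct
from collections import defaultdict, deque

THRESHOLD = 1000   # packet_count>1000, from the page's SIEM query
WINDOW_S = 60.0    # WITHIN 1 MINUTE
CHARGER_IPS = {"10.0.0.50", "10.0.0.51"}  # constructed addresses (assumption)

def parse_arp_request(frame: bytes):
    """Return (sender_mac, target_ip) for an Ethernet/IPv4 ARP request, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None  # truncated frame, or EtherType is not ARP
    if struct.unpack("!HHBBH", frame[14:22]) != (1, 0x0800, 6, 4, 1):
        return None  # not Ethernet/IPv4, or opcode is not 1 (request)
    return frame[22:28].hex(":"), ".".join(map(str, frame[38:42]))

def detect_arp_flood(packets, charger_ips=CHARGER_IPS,
                     threshold=THRESHOLD, window=WINDOW_S):
    """packets: (timestamp_seconds, raw_frame) tuples in time order.
    Returns {charger_ip: timestamp of the first packet that pushed the
    request count in the sliding window above the threshold}."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, frame in packets:
        parsed = parse_arp_request(frame)
        if parsed is None or parsed[1] not in charger_ips:
            continue
        q = recent[parsed[1]]
        q.append(ts)
        while ts - q[0] >= window:   # drop requests older than the window
            q.popleft()
        if len(q) > threshold:
            alerts.setdefault(parsed[1], ts)
    return alerts

def build_arp_request(sender_mac: bytes, sender_ip: bytes, target_ip: bytes) -> bytes:
    """Build a constructed 42-byte broadcast ARP request for the sample data."""
    header = b"\xff" * 6 + sender_mac + b"\x08\x06" + struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    return header + sender_mac + sender_ip + b"\x00" * 6 + target_ip

def sample_traffic():
    """Constructed capture: one polling host plus one burst at a second charger."""
    poll = build_arp_request(bytes.fromhex("020000000001"), bytes([10, 0, 0, 10]), bytes([10, 0, 0, 50]))
    burst = build_arp_request(bytes.fromhex("020000000002"), bytes([10, 0, 0, 99]), bytes([10, 0, 0, 51]))
    packets = [(float(i), poll) for i in range(120)]      # 1 request/s for 2 min
    packets += [(i / 50, burst) for i in range(1500)]     # 50 requests/s for 30 s
    return sorted(packets)

if __name__ == "__main__":
    print(detect_arp_flood(sample_traffic()))
```

The polling host never exceeds 60 requests in any window, so only the burst at the second charger is reported.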