CTEK Chargeportal

p a href= https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-06.json strong View CSAF /strong /a /p h2 Summary /h2 p strong Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. /strong /p p The following versions of CTEK Chargeportal are affected: /p ul li Chargeportal vers:all/* /li /ul div class= csaf-table table class= tablesaw tablesaw-stack data-tablesaw-mode= stack data-tablesaw-minimap thead tr th role= columnheader data-tablesaw-priority= persist CVSS /th th role= columnheader Vendor /th th role= columnheader Equipment /th th role= columnheader Vulnerabilities /th /tr /thead tbody tr td v3 9.4 /td td CTEK /td td CTEK Chargeportal /td td Missing Authentication for Critical Function, Improper Restriction of Excessive Authentication Attempts, Insufficient Session Expiration, Insufficiently Protected Credentials /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Energy, Transportation Systems /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Sweden /li /ul hr h2 Vulnerabilities /h2 div class= csaf-accordion p a class= csaf-accordion-toggle-all href= # Expand All + /a /p div class= csaf-accordion-item h3 a class= csaf-accordion-toggle href= # CVE-2026-25192 /a /h3 div class= csaf-accordion-content p WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend. /p p a href= https://www.cve.org/CVERecord?id=CVE-2026-25192 View CVE Details /a /p hr h4 Affected Products /h4 h5 CTEK Chargeportal /h5 div class= ics-vendor-version-status div class= ics-vendor strong Vendor: /strong br CTEK /div div class= ics-version strong Product Version: /strong br CTEK Chargeportal: vers:all/* /div div class= ics-status strong Product Status: /strong br known_affected /div /div div class= ics-remediations h6 Remediations /h6 p strong Mitigation /strong br CTEK will be sunsetting this product in April 2026. Please contact CTEK for more information https://www.ctek.com/support. br a href= https://www.ctek.com/support https://www.ctek.com/support /a /p /div p strong Relevant CWE: /strong a href= https://cwe.mitre.org/data/definitions/306.html CWE-306 Missing Authentication for Critical Function /a /p hr h4 Metrics /h4 div class= csaf-table csaf-metrics-table table class= tablesaw tablesaw-stac