Description
EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch.
Published: 2026-03-26
Score: 8.4 High
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The stack-based buffer overflow occurs in the ifreq.ifr_name field when an interface name longer than IFNAMSIZ (16) is supplied during CAN interface initialization. This overwrite corrupts adjacent stack memory and may enable an attacker to execute arbitrary code before any privilege checks, representing a potential remote code execution vulnerability (CWE-121).

Affected Systems

EVerest's everest-core component is affected in all releases prior to version 2026.02.0. Users running any such version on their EV charging infrastructure should consider their deployments at risk.

Risk and Exploitability

The vulnerability carries a CVSS score of 8.4, indicating high severity. EPSS data is unavailable, and the issue is not listed in the CISA KEV catalog. The flaw can be exploited by supplying a maliciously crafted interface name during the initialization phase; it does not require privileged input but can be triggered remotely if the attacker can influence configuration or command execution on the system.

Generated by OpenCVE AI on March 26, 2026 at 17:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade EVerest to version 2026.02.0 or later to apply the official patch.
  • Restrict all CAN interface names to 15 characters or fewer to prevent overflows.
  • Verify configuration files for invalid or unusually long interface names before deployment.
  • Monitor system logs for signs of stack corruption or abnormal CAN interface usage.

Generated by OpenCVE AI on March 26, 2026 at 17:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Everest
Everest everest-core
Vendors & Products Everest
Everest everest-core

Thu, 26 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
Description EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch.
Title EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ
Weaknesses CWE-121
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Everest Everest-core
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-26T18:48:26.145Z

Reserved: 2026-01-19T18:49:20.658Z

Link: CVE-2026-23995

cve-icon Vulnrichment

Updated: 2026-03-26T18:48:22.737Z

cve-icon NVD

Status : Received

Published: 2026-03-26T15:16:32.137

Modified: 2026-03-26T15:16:32.137

Link: CVE-2026-23995

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:26:34Z

Weaknesses