Heliox EV Charging Stations: Unauthorized Access via Charging Cable

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.4

Heliox EV Charging Stations: Unauthorized Access via Charging Cable

CVE-2025-27769

Summary

Heliox's 180 kW and 40 kW EV charging stations, if not updated to the latest versions (F4.11.1 or L4.10.1), can be accessed by unauthorized parties through the charging cable. This could lead to malicious activity, compromising the security of the charging station. To mitigate this risk, it's essential to update the software to the latest version.

Original title

Original description

A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). Affected devices contain improper access control that could allow an attacker to reach unauthorized services via the charging cable.

nvd CVSS3.1 2.6

nvd CVSS4.0 2.4

Vulnerability type

CWE-923

https://cert-portal.siemens.com/productcert/html/ssa-126399.html

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026