Full Report
The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger memory corruption. Siemens has released an update for OpenV2G and recommends updating to the latest version.
Analysis Summary
# Vulnerability: Memory Corruption in OpenV2G due to Buffer Overflow
## CVE Details
- CVE ID: CVE-2025-24956
- CVSS Score: 6.2 (CVSS v3.1) / 6.9 (CVSS v4.0) (Medium/High)
- CWE: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
## Affected Systems
- Products: OpenV2G (open source implementation of ISO/IEC V2G CI standard)
- Versions: All versions prior to V0.9.6
- Configurations: Not specified, but context implies components handling X509 serial number parsing.
## Vulnerability Description
The vulnerability exists within the EXI parsing feature of OpenV2G. Specifically, the parser is reported to be missing a necessary length check when processing X509 serial numbers. This flaw allows an attacker to introduce crafted input that triggers a buffer overflow, leading to memory corruption.
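The class of flaw described above, as an added illustration that is not OpenV2G's code: a parser copies a length-prefixed serial number into a fixed buffer, first without and then with the length check. The one-byte length prefix, the 20-byte capacity and all names are assumptions made for this example; real EXI encoding differs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SERIAL_MAX 20 /* assumed capacity, not OpenV2G's actual value */

typedef struct { uint8_t bytes[SERIAL_MAX]; size_t len; } serial_t; /* hypothetical */

enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_LONG = -2 };

/* Vulnerable pattern (CWE-120): the length byte from the input drives the
 * copy with no comparison against SERIAL_MAX or in_len. Never called here. */
int parse_serial_unchecked(const uint8_t *in, size_t in_len, serial_t *out)
{
    if (in_len < 1) return PARSE_TRUNCATED;
    out->len = in[0];
    memcpy(out->bytes, in + 1, out->len);
    return PARSE_OK;
}

/* Hardened form: check the declared length against the remaining input
 * and the destination capacity before any byte is copied. */
int parse_serial_checked(const uint8_t *in, size_t in_len, serial_t *out)
{
    if (in == NULL || out == NULL || in_len < 1) return PARSE_TRUNCATED;
    size_t declared = in[0];
    if (declared > in_len - 1) return PARSE_TRUNCATED;       /* over-read */
    if (declared > sizeof out->bytes) return PARSE_TOO_LONG; /* overflow */
    memcpy(out->bytes, in + 1, declared);
    out->len = declared;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample inputs: [length][serial bytes...] */
    const uint8_t ok[] = { 3, 0x01, 0xA2, 0xB3 };
    const uint8_t truncated[] = { 5, 0x01, 0x02 };
    uint8_t oversized[1 + 64];
    memset(oversized, 0x41, sizeof oversized);
    oversized[0] = 64; /* declares 64 bytes for a 20-byte buffer */

    serial_t s;
    printf("ok:        %d\n", parse_serial_checked(ok, sizeof ok, &s));
    printf("truncated: %d\n", parse_serial_checked(truncated, sizeof truncated, &s));
    printf("oversized: %d\n", parse_serial_checked(oversized, sizeof oversized, &s));
    return 0;
}
```

Rejecting the oversized field with a distinct error code also gives the caller something to log, which supports the monitoring described under Detection.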
## Exploitation
- Status: No explicit mention of exploitation in the wild; PoC status is implied by the detailed vulnerability description, but not explicitly confirmed as public.
- Complexity: Low (based on the CVSS vector AV:L/AC:L/PR:N/UI:N: local access, low attack complexity, no privileges required and no user interaction needed to trigger the overflow).
- Attack Vector: Local (AV:L from CVSS 3.1 vector)
## Impact
- Confidentiality: No impact (C:N)
- Integrity: No impact (I:N) - *Note: Memory corruption can in principle affect integrity, but the provided CVSS vector rates the integrity impact as None, which holds unless the corruption is leveraged for higher impact.*
- Availability: High (A:H) - The memory corruption can likely lead to a denial of service condition.
## Remediation
### Patches
- Update to OpenV2G version **V0.9.6 or later**.
- Available at: hXXps://sourceforge.net/projects/openv2g/files/release/OpenV2G_0.9.6/
### Workarounds
- Siemens recommends following their General Security Recommendations and operational guidelines for Industrial Security.
- Implement network access protection mechanisms for devices utilizing OpenV2G.
## Detection
- **Indicators of Compromise:** Memory corruption events or unexpected process termination within the OpenV2G service context would be key indicators.
- **Detection Methods and Tools:** Monitor system logs for abnormal terminations or memory access violations related to the OpenV2G component, especially during message processing.
## References
- Vendor Advisory: Siemens Security Advisory SSA-647005
- Siemens ProductCERT Advisories: hXXps://www.siemens.com/cert/advisories