CVE-2025-52263 is a vulnerability identified in the Web Configuration module of the Startcharge Artemis AC Charger 7-22 kW version 1.0.4. The flaw allows an attacker who is authenticated and located on a network adjacent to the device to upload crafted firmware images. This firmware upload capability leads to arbitrary code execution on the device, effectively allowing the attacker to take full control over the charger’s software environment. The vulnerability is classified under CWE-494, which relates to Download of Code Without Integrity Check, indicating that the firmware upload process lacks sufficient validation or integrity verification. The CVSS v3.1 base score is 8.0, reflecting high severity due to the combination of high impact on confidentiality, integrity, and availability, low attack complexity, and the requirement for only low privileges (authenticated access). No user interaction is needed, and the scope remains unchanged, meaning the attacker’s control is limited to the vulnerable component or device. The vulnerability was reserved in June 2025 and published in October 2025, with no patches or known exploits publicly available at the time of reporting. This vulnerability poses a significant risk because compromised chargers could be used to disrupt EV charging infrastructure, cause physical damage, or serve as a foothold for lateral movement within organizational networks.

For European organizations, the impact of CVE-2025-52263 can be substantial, especially for entities operating electric vehicle (EV) charging infrastructure. Successful exploitation can lead to full compromise of the affected chargers, enabling attackers to manipulate charging operations, disrupt service availability, or use the devices as entry points into broader corporate or critical infrastructure networks. This could result in operational downtime, financial losses, reputational damage, and potential safety hazards if chargers are manipulated to deliver unsafe power levels. Given the increasing reliance on EV infrastructure across Europe, particularly in countries aggressively promoting EV adoption, this vulnerability could affect utilities, commercial charging operators, and public infrastructure providers. Additionally, attackers could leverage compromised chargers for persistent access or as part of coordinated attacks against energy or transportation sectors, which are critical to European economies and security.

To mitigate CVE-2025-52263, organizations should implement the following specific measures: 1) Restrict network access to the Web Configuration interface of Startcharge Artemis chargers to trusted management networks only, using network segmentation and firewall rules to prevent unauthorized access. 2) Enforce strong authentication mechanisms, such as multi-factor authentication, to reduce the risk of credential compromise or misuse. 3) Monitor firmware update activities closely, logging all upload attempts and verifying firmware integrity through cryptographic signatures or checksums if supported. 4) Engage with the vendor to obtain and apply firmware patches or updates as soon as they become available. 5) Conduct regular security assessments and penetration testing on EV charging infrastructure to detect similar vulnerabilities. 6) Implement anomaly detection systems to identify unusual device behavior indicative of compromise. 7) Educate operational staff on secure management practices for EV chargers and incident response procedures specific to these devices.