CVE-2025-52263: n/a
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution.
AI Analysis
Technical Summary
CVE-2025-52263 is a security vulnerability identified in the Web Configuration module of the Startcharge Artemis AC Charger 7-22 kW, specifically version 1.0.4. The flaw allows an attacker who is authenticated and network-adjacent to upload crafted firmware to the device. This malicious firmware upload capability leads to arbitrary code execution, meaning the attacker can execute any code of their choosing on the charger. The vulnerability arises from insufficient validation or controls in the firmware upload process within the web interface. Because the attacker must be authenticated and have network adjacency, exploitation is limited to insiders or attackers who have gained network access near the device, such as through compromised local networks or VPNs. There are currently no known public exploits or patches, indicating the vulnerability is newly disclosed and unmitigated. The lack of a CVSS score requires an assessment based on the impact and exploitability factors. Arbitrary code execution on a critical infrastructure device like an EV charger can lead to device malfunction, denial of service, or pivoting to other networked systems. The affected product is used in electric vehicle charging infrastructure, which is increasingly critical in Europe’s energy and transportation sectors. The vulnerability highlights the risks of embedded device management interfaces that lack robust security controls. Organizations using these chargers must be aware of the threat and implement compensating controls until a patch is available.
Potential Impact
For European organizations, this vulnerability poses a significant risk to electric vehicle charging infrastructure, which is vital for the continent's green energy transition and transportation networks. Exploitation could lead to arbitrary code execution on chargers, resulting in operational disruptions such as denial of service or manipulation of charging processes. This could affect fleet operators, public charging stations, and private installations, potentially causing financial losses and reputational damage. Moreover, compromised chargers could serve as entry points for lateral movement within corporate or municipal networks, increasing the risk of broader cyberattacks. Given the strategic importance of EV infrastructure in Europe’s energy policies, disruption could have cascading effects on transportation and energy management systems. The requirement for authentication and network adjacency somewhat limits the attack surface but does not eliminate risk, especially in environments with weak network segmentation or insider threats. The absence of patches means organizations must rely on preventive measures to mitigate impact.
Mitigation Recommendations
1. Restrict network access to the Web Configuration interface of Startcharge Artemis chargers by implementing strict firewall rules and network segmentation to limit access only to trusted administrators.
2. Enforce strong authentication mechanisms, including complex passwords and multi-factor authentication if supported, to reduce the risk of unauthorized access.
3. Monitor and log all firmware upload attempts and configuration changes to detect suspicious activities promptly.
4. Disable or limit remote access capabilities to the charger’s management interface unless absolutely necessary and secured via VPN or other secure channels.
5. Engage with the vendor to obtain patches or firmware updates as soon as they become available and apply them promptly.
6. Conduct regular security assessments of EV charging infrastructure to identify and remediate similar vulnerabilities.
7. Educate staff responsible for charger management on secure operational practices and the risks associated with firmware updates.
8. Consider deploying intrusion detection/prevention systems that can identify anomalous behavior related to firmware uploads or web interface access.
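One way to put recommendations 1, 3 and 8 into practice is to review access logs from a reverse proxy or firewall placed in front of the charger's web interface and flag firmware uploads that break the access policy. This is an added example, not vendor or advisory code; the log format (combined access log), the upload path (a placeholder, since the endpoint is not named here), the management subnet, the change window and the sample log lines are all assumptions.

```python
import ipaddress
import re
from datetime import datetime, timezone

# All values below are assumptions for illustration, not taken from the advisory.
UPLOAD_PATH = "/PLACEHOLDER/firmware-upload"      # endpoint is not named on the page
ADMIN_NET = ipaddress.ip_network("10.20.0.0/28")  # constructed management subnet
CHANGE_WINDOWS = [                                # constructed approved windows (UTC)
    (datetime(2025, 10, 28, 1, 0, tzinfo=timezone.utc),
     datetime(2025, 10, 28, 3, 0, tzinfo=timezone.utc)),
]
LINE_RE = re.compile(
    r'(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def review_uploads(lines):
    """Return one finding per firmware upload that violates the access policy."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] not in ("POST", "PUT"):
            continue
        if m["path"].split("?", 1)[0] != UPLOAD_PATH:
            continue
        reasons = []
        try:
            inside = ipaddress.ip_address(m["src"]) in ADMIN_NET
        except ValueError:  # hostname or malformed source field
            inside = False
        if not inside:
            reasons.append("source outside management subnet")
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if not any(start <= ts <= end for start, end in CHANGE_WINDOWS):
            reasons.append("outside approved change window")
        if reasons:
            findings.append({"time": ts.isoformat(), "src": m["src"],
                             "user": m["user"], "status": int(m["status"]),
                             "reasons": reasons})
    return findings

SAMPLE_LOG = [  # constructed log lines, not captured from a real device
    '10.20.0.5 - admin [28/Oct/2025:01:15:02 +0000] "POST /PLACEHOLDER/firmware-upload HTTP/1.1" 200 512',
    '10.20.0.5 - admin [28/Oct/2025:14:40:10 +0000] "POST /PLACEHOLDER/firmware-upload HTTP/1.1" 200 512',
    '192.168.50.77 - admin [28/Oct/2025:02:05:44 +0000] "POST /PLACEHOLDER/firmware-upload HTTP/1.1" 200 512',
    '192.168.50.77 - admin [28/Oct/2025:02:06:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in review_uploads(SAMPLE_LOG):
        print(finding)
```

Because the attacker described here is already authenticated, the source address and the timing of an upload carry more signal than the login result, which is why the check keys on those two fields.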
Affected Countries
Germany, Netherlands, France, Norway, United Kingdom, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-06-16T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 68ff7cafba6dffc5e2fbe79d
Added to database: 10/27/2025, 2:07:43 PM
Last enriched: 10/27/2025, 2:24:11 PM
Last updated: 10/27/2025, 4:47:37 PM