CVE-2025-52264 is a stack overflow vulnerability identified in the StarCharge Artemis AC Charger 7-22 kW, version 1.0.4. The flaw exists in the cgiMain function within the download.cgi endpoint, which likely handles HTTP requests for downloading firmware or configuration files. A stack overflow occurs when the function processes input that exceeds the allocated buffer size, overwriting adjacent memory on the stack. This can lead to arbitrary code execution or cause the device to crash, resulting in denial of service. The vulnerability was reserved in June 2025 and published in October 2025, but no CVSS score or patches have been released yet, and no exploits have been observed in the wild. The affected product is an electric vehicle charging station, a critical component of EV infrastructure. Exploiting this vulnerability could allow attackers to disrupt charging services or potentially gain control over the device, which may have further implications if the device is connected to broader operational networks. The lack of authentication or user interaction requirements is not explicitly stated, but given the vulnerability is in a CGI function, it may be remotely exploitable via network access. The absence of patches means organizations must rely on network-level mitigations until a fix is available.

For European organizations, the impact of this vulnerability could be significant due to the growing reliance on electric vehicle charging infrastructure. Disruption of charging stations could affect transportation logistics, fleet operations, and consumer EV usage, leading to economic and reputational damage. If exploited to execute arbitrary code, attackers might pivot into internal networks, compromising confidentiality and integrity of connected systems. The availability of charging services could be interrupted, causing operational downtime. Critical infrastructure operators, municipalities, and private charging network providers are at risk. The impact is heightened in countries with high EV adoption rates and extensive charging networks, where service disruption could affect large populations and critical transport services. Additionally, the vulnerability could be leveraged in broader cyber-physical attacks targeting energy and transportation sectors.

Until official patches or firmware updates are released by StarCharge, organizations should implement strict network segmentation to isolate charging stations from critical internal networks. Restrict access to the download.cgi endpoint using firewalls or web application firewalls (WAFs) to limit exposure to untrusted networks. Monitor network traffic for unusual activity targeting the charger devices, especially HTTP requests to the vulnerable CGI endpoint. Employ intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts of stack overflow patterns. Regularly audit and inventory all deployed charging stations to identify affected versions. Engage with the vendor for timely updates and apply patches immediately upon release. Consider implementing compensating controls such as VPN access or zero-trust network architectures to reduce attack surface. Finally, prepare incident response plans specific to EV infrastructure compromise scenarios.