CVE-2025-52264 identifies a stack-based buffer overflow vulnerability in the StarCharge Artemis AC Charger 7-22 kW, firmware version 1.0.4. The vulnerability resides in the cgiMain function handling requests to download.cgi, where improper input validation leads to a stack overflow condition (CWE-119). This flaw can be triggered remotely by an attacker with access to the local or adjacent network (CVSS vector AV:A), requiring low privileges (PR:L) but no user interaction (UI:N). Successful exploitation enables arbitrary code execution, granting the attacker full control over the device, compromising confidentiality, integrity, and availability. The device is typically deployed in electric vehicle charging infrastructure, making it a critical component in energy and transportation sectors. No patches or firmware updates have been released yet, and no public exploits are known, but the vulnerability’s nature and high CVSS score (8.0) indicate a serious risk. The stack overflow could be leveraged to disrupt charging services, manipulate billing or usage data, or pivot into broader network environments. The vulnerability’s presence in a widely used EV charger model necessitates urgent mitigation to protect critical infrastructure.

For European organizations, the impact of CVE-2025-52264 is significant due to the increasing reliance on electric vehicle charging infrastructure as part of energy transition and smart city initiatives. Exploitation could lead to unauthorized control over charging stations, resulting in service outages, manipulation of charging sessions, or theft of sensitive operational data. This could disrupt transportation services, damage organizational reputation, and cause financial losses. Additionally, compromised chargers could serve as entry points for lateral movement within corporate or utility networks, escalating the risk of broader cyberattacks. Given the critical role of EV infrastructure in Europe’s green energy goals, such disruptions could have cascading effects on energy management and regulatory compliance. The vulnerability’s requirement for local or adjacent network access means that organizations with poorly segmented networks or exposed management interfaces are at higher risk. The absence of patches increases the urgency for interim controls to mitigate potential exploitation.

1. Immediately restrict network access to StarCharge Artemis AC Chargers by implementing strict network segmentation and firewall rules to limit access to trusted administrators and management systems only. 2. Disable or restrict access to the download.cgi interface if possible, or monitor and log all access attempts to detect suspicious activity. 3. Employ intrusion detection/prevention systems (IDS/IPS) tuned to detect anomalous traffic patterns or attempts to exploit stack overflow conditions. 4. Engage with the vendor to obtain timelines for firmware patches or updates addressing this vulnerability and prioritize their deployment once available. 5. Conduct regular vulnerability assessments and penetration testing focused on EV charging infrastructure to identify and remediate related weaknesses. 6. Implement strong authentication and authorization controls for device management interfaces to reduce the risk posed by low-privilege attackers. 7. Maintain up-to-date asset inventories to quickly identify affected devices and ensure rapid response capabilities. 8. Educate operational technology (OT) and IT teams on the risks associated with this vulnerability and best practices for securing EV charging infrastructure.