A stack-based buffer overflow in the ChargePoint Home Flex OCPP service creates a high risk of remote code execution.

The OCPP getpreq function is affected by a stack-based buffer overflow, which can be leveraged by an attacker to overwrite memory and achieve remote code execution on the device.

The CVSS score of 7.5 underscores the high severity of this vulnerability. Successful exploitation could grant an attacker control over the charging station, potentially leading to device disruption or use as a foothold for further network attacks.

Immediate Action: Apply the vendor-provided security patches immediately, especially for devices exposed to the internet.

Proactive Monitoring: Review system logs for signs of abnormal service crashes or unexpected behavior in the OCPP communication interface.

Compensating Controls: Use network-level segmentation to isolate the charging station from critical business systems and restrict access to the device management interfaces.

Public Exploit Available: False

Given the risk of remote code execution via buffer overflow, administrators must prioritize the application of security patches. Ensure that ChargePoint Home Flex devices are updated to the latest firmware to mitigate this high-severity risk.