CVE-2026-20733

Published: Feb 27, 2026Modified: Mar 5, 2026

6.9

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: ics-cert@hq.dhs.gov (Secondary)

Description

Charging station authentication identifiers are publicly accessible via web-based mapping platforms.

Affected (1)

Products: Cloudcharge: Cloudcharge.se

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cloudcharge Cloudcharge.se	All versions

Related CWEs

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (3)

https://cloudcharge.tech/support/contact/

Source: ics-cert@hq.dhs.gov

Product

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-057-03.json

Source: ics-cert@hq.dhs.gov

Third Party Advisory

https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-03

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.