CVE-2026-31904 is a high-severity weakness in CTEK Chargeportal’s WebSocket application interface. CISA’s advisory says the service lacks restrictions on the number of authentication requests, which can let an attacker overwhelm or disrupt charger telemetry and may also support brute-force attempts against authentication. The advisory was initially published on 2026-03-19.
CISA's ICSA-26-078-06 reports that authentication identifiers for CTEK Chargeportal charging stations are publicly accessible through web-based mapping platforms. The advisory rates the issue CVSS 6.5 (medium) and was published on 2026-03-19. CTEK's remediation note says the product will be sunset in April 2026, so operators should reduce exposure now and plan migration.
CVE-2026-27649 is a high-severity issue in CTEK Chargeportal’s WebSocket backend. According to the CISA advisory, charging station identifiers are used to associate sessions, but multiple endpoints can connect with the same session identifier. That predictable behavior can let a later connection displace the legitimate station and receive backend commands meant for it. The advisory also says this can be u [truncated]
CVE-2026-25192 is a critical authentication weakness in CTEK Chargeportal's WebSocket/OCPP interface. According to the CISA advisory, an unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging-station identifier, then issue or receive OCPP commands as if they were a legitimate charger. The result can include unauthorized station impersonation, privilege esc [truncated]