Main Vulnerability Database SB20250716117

SB20250716117 - Unprotected storage of credentials in LITEON IC48A and IC80A EV Chargers

Published: July 16, 2025

Security Bulletin ID SB20250716117

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Unprotected storage of credentials (CVE-ID: CVE-2025-7357)

The vulnerability allows a remote attacker to gain access to other users' credentials.

The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A remote attacker can view contents of the configuration file and gain access to passwords for 3rd party integration.

Remediation

Install update from vendor's website.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-196-03