CVE-2025-5822 – Autel MaxiCharger AC Wallbox Commercial Technician API Privilege Escalation Vulnerability

June 25, 2025

CVE ID : CVE-2025-5822

Published : June 25, 2025, 6:15 p.m. | 24 minutes ago

Description : Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain a low-privileged authorization token in order to exploit this vulnerability.

The specific flaw exists within the implementation of the Autel Technician API. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-26325.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5827 – Autel MaxiCharger AC Wallbox Commercial BLE Stack-based Buffer Overflow Remote Code Execution Vulnerability

Next Article CVE-2025-49550 – Adobe Commerce Incorrect Authorization Bypass Vulnerability

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

The next big HDMI leap has arrived – here’s how these 16K cables will shake things up

Here’s how you can still trade in any phone at Verizon to get an iPhone, iPad, and Apple Watch free

Anthropic has a plan to combat AI-triggered job losses predicted by its CEO

Forget Google and Microsoft: OpenAI may be building the ultimate work suite of apps and services

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Now EAC Error 20006 in Elden Ring: Nightreign [6 Easy Tricks]

Fix Now Elden Ring Nightreign EAC Error 30005 (CreateFile Failed)

CVE-2025-5822 – Autel MaxiCharger AC Wallbox Commercial Technician API Privilege Escalation Vulnerability

CVE-2025-53097 – Roo Code Schema Fetching File Read and Write Vulnerability

CVE-2025-53098 – Roo Code MCP Configuration Command Injection Vulnerability

.NET goes open source and cross-platform

How iPadOS 26 convinced me to switch from Mac to iPad full-time – and why I don’t regret it

Red Hat presenta Red Hat Enterprise Linux 10 con intelligenza e sicurezza potenziate negli ambienti ibridi

CVE-2025-37815 – “Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability”

Distribution Release: Clonezilla Live 3.2.1-28

CVE-2024-36486 – Parallels Desktop for Mac Privilege Escalation Vulnerability

CVE-2025-26169 – IXON VPN Client Local Privilege Escalation Remote Code Execution

Microsoft Patch Tuesday May 2025: 5 Zero Days, 8 High-Risk Vulnerabilities

CVE-2025-5822 – Autel MaxiCharger AC Wallbox Commercial Technician API Privilege Escalation Vulnerability

Related Posts