CISA 2026-04-21

Hardy Barth Salia EV Charge Controller

Machine-generated analysis · WAYSCloud LLM

The vendor did not respond to CISA's coordination request. Exploit for the firmware upload vulnerability has been publicly disclosed.

Context

The Hardy Barth Salia EV Charge Controller is an electric vehicle charging system component. The advisory states that unrestricted file upload vulnerabilities in the web UI could allow remote code execution or device crashes. The affected firmware versions are 2.3.81 and earlier.

Operator considerations

Check: Inventory Hardy Barth Salia EV Charge Controllers with firmware version 2.3.81 or earlier.
Isolate: Restrict network access to the web UI interface of these controllers.
Patch: Contact Hardy Barth using their published contact methods as no patch is currently available.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution.

The following versions of Hardy Barth Salia EV Charge Controller are affected:

Salia Board Firmware

Read the full advisory on CISA →