Example - Schneider Electric car charging stations - One of the vulnerabilities, (patched last month) enables access with maximum privileges to the charging station and could allow an attacker to stop the charging process and switch the device to the reservation mode making it inaccessible to customers until the machine is rebooted.
Two other vulnerabilities found , CVE-2018-7801 and CVE-2018-7802 allow hackers to gain access to the device with maximum privileges and bypass authorization to gain access to the web interface with full privileges, respectively
The attacker could even unlock the charging cable from the device while it is in the process of charging a vehicle allowing them to steal the entire cable ultimately leading to financial losses for the energy sector and uncharged vehicles for customers.
https://www.scmagazine.com/home/security-news/positive-technologies-researchers-have-released-details-concerning-the-vulnerabilities-patched-last-month-in-the-schneider-electric-car-charging-stations/
No comments:
Post a Comment