SWITCH EV WebSocket Endpoint Authentication Vulnerability Allowing Unauthorized Station Impersonation
Vulnerability
A vulnerability exists in the WebSocket endpoints of SWITCH EV's OCPP implementation, where proper authentication mechanisms are lacking. This flaw enables unauthorized attackers to impersonate charging stations and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier and issue or receive OCPP commands as if they were a legitimate charger. The absence of authentication could lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend.
Impact
Exploitation of this vulnerability could allow for unauthorized impersonation of charging stations, session hijacking, misrouting of legitimate traffic, large-scale denial-of-service, and manipulation of data sent to the backend.
Remediation
SWITCH EV did not respond to CISA's request for coordination. Contact SWITCH EV using their contact page for more information.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.