Primary

Context

SWITCH EV Charging Stations Insufficiently Protected Credentials Vulnerability

Vulnerability

A vulnerability exists in SWITCH EV charging stations, allowing authentication identifiers to be publicly accessed via web-based mapping platforms. This issue could enable attackers to impersonate charging stations, hijack sessions, misroute legitimate traffic, causing large-scale denial-of-service, and manipulate data sent to the backend.

Impact

Exploitation of this vulnerability could allow for impersonation of charging stations, session hijacking, suppression or misrouting of legitimate traffic, causing large-scale denial-of-service, and manipulation of data sent to the backend.

Remediation

SWITCH EV did not respond to CISA's request for coordination. Contact SWITCH EV through their contact page for more information.

Added: Feb 27, 2026, 12:21 AM

Updated: Feb 27, 2026, 12:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SWITCH EV Charging Stations Insufficiently Protected Credentials Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating