The growing adoption of electric vehicles (EVs) has catalyzed a corresponding expansion in EV charging infrastructure, making the security of these systems a focal point of concern. Recent revelations by cybersecurity experts McCaulay Hudson and Alex Plaskett at the 44CON conference in London underscore the gravity of these concerns. The duo unveiled critical security vulnerabilities within the Phoenix Contact CHARX SEC-3100 EV charger controller, exposing significant risks associated with EV charging infrastructure. Initially discovered during the Pwn2Own Automotive 2024 event orchestrated by Trend Micro’s Zero Day Initiative, these vulnerabilities highlight the pressing need for robust cybersecurity protocols in EV charging systems.
Discovery of Vulnerabilities
In detailing the vulnerabilities, the experts identified two specific flaws subsequently highlighted by a CERT/VDE advisory. The first, classified as a High severity vulnerability (CVE-2024-6788) with a CVSS score of 8.6, permitted unauthorized access to the EV charger before the firewall was fully initialized. This flaw not only jeopardized the operational integrity of the charger but also potentially exposed sensitive user data. The second vulnerability, marked as Medium severity (CVE-2024-3913) with a CVSS score of 7.5, enabled an attacker to reset the user-app account password. This loophole could facilitate unauthorized access, leading to potential disruptions in charging services.
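One way an operator could check for the boot-time exposure described for CVE-2024-6788 is to compare, from a device's boot log, when each network listener became reachable with when the firewall ruleset was loaded. The following is an added example, not code from the researchers or from Phoenix Contact; the log format, process names and ports are constructed assumptions.
```python
import re
from datetime import datetime

# Constructed boot log (not taken from a real CHARX device); the line format,
# process names and port numbers are assumptions made for this example.
SAMPLE_LOG = """\
2024-01-10T08:00:01.120 kernel: eth0: link up
2024-01-10T08:00:02.300 sshd[211]: Server listening on 0.0.0.0 port 22
2024-01-10T08:00:03.050 webui[230]: Server listening on 0.0.0.0 port 443
2024-01-10T08:00:06.800 firewall[198]: ruleset loaded, default policy DROP
2024-01-10T08:00:07.400 agent[260]: Server listening on 0.0.0.0 port 9555
"""

LINE = re.compile(r"^(\S+) (\S+?)(?:\[\d+\])?: (.*)$")
LISTEN = re.compile(r"listening on \S+ port (\d+)", re.I)

def parse_boot(log):
    """Return (link_up_time, firewall_ready_time, {port: listen_start_time})."""
    link_up = fw_ready = None
    listeners = {}
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ignore lines that do not follow the assumed format
        ts = datetime.fromisoformat(m.group(1))
        proc, msg = m.group(2), m.group(3)
        if "link up" in msg and link_up is None:
            link_up = ts
        elif proc == "firewall" and "ruleset loaded" in msg and fw_ready is None:
            fw_ready = ts
        elif (lm := LISTEN.search(msg)):
            listeners.setdefault(int(lm.group(1)), ts)
    return link_up, fw_ready, listeners

def exposure_windows(log):
    """Map port -> seconds it was reachable unfiltered (None = firewall never loaded)."""
    link_up, fw_ready, listeners = parse_boot(log)
    out = {}
    for port, started in listeners.items():
        if link_up is None:
            continue  # no link came up, so nothing was reachable from the network
        reachable = max(started, link_up)  # a listener is exposed only once the link is up
        if fw_ready is None:
            out[port] = None
        elif reachable < fw_ready:
            out[port] = round((fw_ready - reachable).total_seconds(), 3)
    return out

if __name__ == "__main__":
    print(exposure_windows(SAMPLE_LOG))
```
Any port reported with a non-zero window, or with no firewall event at all, was briefly reachable without filtering and points to a service-ordering problem worth fixing at boot.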
Hudson and Plaskett expanded upon their exploitation techniques at the 44CON conference. They had managed to reset a predetermined user account password to its default setting after a firmware update, allowing them initial access via SSH. Utilizing a DHCP server, they deceived the device into transitioning from server mode to client mode, thereby exposing additional attack vectors. This manipulation enabled the researchers to upload malicious scripts, alter configuration settings, and ultimately achieve Remote Code Execution, granting them full control over the charger. Their ability to penetrate and manipulate the charger underscores the degree to which these vulnerabilities can be exploited.
Real-World Implications
The ramifications of these security vulnerabilities extend far beyond isolated incidents, posing substantial risks to the broader EV charging network. If left unaddressed, compromised chargers could be weaponized for widespread cyber attacks, such as shutting down entire charging stations. Such disruptions could potentially pave the way for ransomware assaults, defacement of charger displays, and theft of data from connected vehicles. There is also the peril of integrating compromised chargers into botnets, which could be utilized for coordinated cyber assaults. The prospect of Distributed Denial of Service (DDoS) attacks further compounds the threat, as attackers could disrupt charging services to the detriment of EV users.
Moreover, vulnerabilities in EV chargers could be exploited for financial gain, whether through electricity theft or payment fraud. Manipulating charging processes or payments could have severe economic repercussions, eroding consumer trust in the safety and reliability of EV infrastructure. Fortunately, the particular vulnerabilities highlighted by Hudson and Plaskett have since been addressed through patches. Nonetheless, the researchers stressed the imperative for heightened security measures across the EV charging ecosystem. As the deployment of charging stations proliferates, manufacturers and operators are urged to implement stringent cybersecurity protocols to prevent such vulnerabilities from being exploited.
The Path Forward
The increasing popularity of electric vehicles (EVs) has driven a corresponding boom in EV charging infrastructure, raising significant concerns about its security. Cybersecurity experts McCaulay Hudson and Alex Plaskett highlighted these concerns during their presentation at the 44CON conference in London, where they revealed major security vulnerabilities in the Phoenix Contact CHARX SEC-3100 EV charger controller. These flaws, originally discovered at the Pwn2Own Automotive 2024 event led by Trend Micro’s Zero Day Initiative, expose serious risks within EV charging systems. As these vulnerabilities demonstrate, it is crucial to establish strong cybersecurity measures to ensure the safety and reliability of these systems. Given the rapid expansion of EV infrastructure, the stakes are higher than ever, making it imperative for manufacturers and stakeholders in the EV ecosystem to prioritize and invest in advanced cybersecurity protocols. Developing secure, resilient systems is essential to protect against potential threats and to maintain consumer trust in this burgeoning industry.