Schneider has fixed three vulnerabilities in one of its popular electric car charging stations, which security researchers said could have easily allowed an attacker to remotely take over the unit.
At its worst, an attacker can force a plugged-in vehicle to stop charging, rendering it useless in a “denial-of-service state,” an attack favored by some threat actors as it’s an effective way of forcing something to stop working.
The bugs were fixed with a software update that rolled out on September 2 shortly after the bugs were first disclosed, and limited details of the bugs were revealed in a supporting document on December 20. Now, a fuller picture of the vulnerabilities, found by New York-based security firm Positive Technologies, were released today — almost a month later.
Schneider’s EVLink charging stations come in all shapes and sizes — some for the garage wall and some at gas stations. It’s the charging stations at offices, hotels, shopping malls and parking garages that are vulnerable, said Positive.
At the center of Positive’s disclosure is Schneider’s EVLink Parking electric charging stations, one of several charging products that Schneider sells, and primarily marketed to apartment complexes, private parking area, offices and municipalities. These charging stations are, …read more
Thank you Source: Gadgets – Tech gear