Assigner | icscert |
Reserved | 2024-05-07 |
Published | 2024-05-15 |
Updated | 2024-06-04 |
Description
If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N |
Problem types
Product status
all versions
Credits
Hanno Böck reported these vulnerabilities to CISA.
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02