CVE-2026-24731
OCPP Implementations · OCPP WebSocket Endpoint
Unauthenticated attackers can impersonate EV charging stations due to missing authentication mechanisms in OCPP WebSocket endpoints, enabling data manipulation.
Executive summary
A critical lack of authentication in OCPP WebSocket endpoints enables unauthenticated station impersonation and unauthorized control of charging infrastructure.
Vulnerability
This flaw involves the lack of an authentication guard on the OCPP WebSocket endpoint. By discovering a valid charging station identifier, an unauthenticated attacker can establish a session and execute OCPP commands.
Business impact
The potential for unauthorized control of charging infrastructure poses significant operational and reputational risks. Attackers can corrupt data reported to the backend, potentially leading to financial discrepancies or service denial. The CVSS score of 9.4 reflects the high severity of unauthenticated access to critical infrastructure components.
Remediation
Immediate Action: Update the backend software to enforce authentication for all OCPP WebSocket connections.
Proactive Monitoring: Enable detailed logging for the OCPP gateway and alert on any connection attempts that lack valid credentials or certificates.
Compensating Controls: Use mTLS (Mutual TLS) to ensure that only authorized hardware can communicate with the backend services.
Exploitation status
Public Exploit Available: No
Analyst recommendation
The transition to secured OCPP profiles is non-negotiable for modern charging networks. Administrators should verify that their implementations require unique, per-station credentials to prevent impersonation attacks.
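The authentication guard called for under Remediation, with the per-station credentials from the analyst recommendation, sketched as an added example (not vendor or project code): it validates HTTP Basic credentials at the WebSocket upgrade and logs every rejected attempt. The URL layout, station ids, secrets, logger name and function names are constructed assumptions.

```python
import base64
import hashlib
import hmac
import logging

log = logging.getLogger("ocpp.gateway")  # hypothetical logger name

def _hash(secret: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)

# Constructed sample store: station id -> (salt, hash of that station's own secret).
STATION_SECRETS = {
    "CP-0001": (b"salt-1", _hash(b"constructed-secret-one", b"salt-1")),
    "CP-0002": (b"salt-2", _hash(b"constructed-secret-two", b"salt-2")),
}

def authorize_upgrade(path, headers):
    """Return (status, reason); 101 lets the handshake continue. Header keys assumed normalized."""
    station_id = path.rstrip("/").rsplit("/", 1)[-1]  # assumed layout: /ocpp/<station-id>
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic" or not blob:
        return 401, "missing credentials"
    try:
        user, sep, password = base64.b64decode(blob, validate=True).partition(b":")
    except ValueError:
        return 401, "malformed credentials"
    if not sep:
        return 401, "malformed credentials"
    # The authenticated name must equal the station id in the URL, otherwise
    # one station's valid secret could be used to claim another's identity.
    if user.decode("utf-8", "replace") != station_id:
        return 401, "identity mismatch"
    salt, expected = STATION_SECRETS.get(station_id, (b"unknown", b""))
    # Hash for unknown ids too, so response time does not reveal which ids exist.
    supplied = _hash(password, salt)
    if not expected or not hmac.compare_digest(supplied, expected):
        return 401, "bad credentials"
    return 101, "ok"

def handle_upgrade(path, headers, peer):
    """Gate the upgrade and leave an alertable log record for every rejection."""
    status, reason = authorize_upgrade(path, headers)
    if status != 101:
        log.warning("ocpp upgrade rejected peer=%r path=%r reason=%s", peer, path, reason)
    return status
```

Run the guard before the WebSocket handshake completes, over TLS, so that no OCPP message is processed on an unauthenticated connection.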