CVE-2026-25192

OCPP Infrastructure · WebSocket Endpoint

WebSocket endpoints in OCPP-compliant charging infrastructure lack authentication, allowing unauthenticated attackers to impersonate charging stations and manipulate backend data.

Executive summary

Unauthenticated attackers can impersonate legitimate charging stations and manipulate critical infrastructure data due to a lack of authentication on OCPP WebSocket endpoints.

Vulnerability

This vulnerability involves a complete lack of authentication mechanisms for WebSocket endpoints using the Open Charge Point Protocol (OCPP). An unauthenticated attacker can connect to the backend using a discovered charging station identifier to issue or receive unauthorized commands.

Business impact

The impact of this vulnerability is critical, as it allows for unauthorized control over electric vehicle charging infrastructure. Attackers could escalate privileges, disrupt charging services, or corrupt network data reported to the backend, leading to significant financial loss and reputational damage. The CVSS score of 9.4 reflects the high risk to the integrity and availability of the charging network.

Remediation

Immediate Action: Apply the latest security updates provided by the vendor to implement mandatory authentication for all WebSocket connections.

Proactive Monitoring: Monitor WebSocket connection logs for unexpected identifiers or multiple connections originating from suspicious IP addresses.

Compensating Controls: Restrict access to the OCPP WebSocket endpoints using network-level access control lists (ACLs) or a VPN to ensure only known charging station IPs can connect.
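One way to implement the connection-log monitoring and known-IP check from the remediation items above, as an added example that is not vendor or project code. The log format, the `/ocpp/<identifier>` path layout, the station inventory and every sample line are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed inventory (assumption): station identifier -> expected source IP.
KNOWN_STATIONS = {"CP-0001": "10.20.0.11", "CP-0002": "10.20.0.12"}

# Constructed sample lines in an assumed access-log format:
#   <timestamp> <source-ip> "GET <path> HTTP/1.1" <status>
SAMPLE_LOG = """\
2026-01-10T08:00:01Z 10.20.0.11 "GET /ocpp/CP-0001 HTTP/1.1" 101
2026-01-10T08:00:05Z 10.20.0.12 "GET /ocpp/CP-0002 HTTP/1.1" 101
2026-01-10T08:03:40Z 203.0.113.50 "GET /ocpp/CP-0001 HTTP/1.1" 101
2026-01-10T08:03:41Z 203.0.113.50 "GET /ocpp/CP-0002 HTTP/1.1" 101
2026-01-10T08:03:42Z 203.0.113.50 "GET /ocpp/CP-9999 HTTP/1.1" 101
2026-01-10T08:04:00Z 10.20.0.11 "GET /healthz HTTP/1.1" 200
"""

# Only successful WebSocket upgrades (HTTP 101) on the OCPP path are of interest.
LINE_RE = re.compile(r'^(\S+) (\S+) "GET /ocpp/([^ /?]+) HTTP/[\d.]+" 101$')

def parse(log_text):
    """Yield (timestamp, source_ip, station_id) for each OCPP upgrade line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groups()

def find_anomalies(log_text, known=KNOWN_STATIONS, max_ids_per_ip=1):
    """Return alerts as (timestamp, kind, source_ip, detail) tuples."""
    alerts = []
    ids_by_ip = defaultdict(set)
    for ts, ip, station in parse(log_text):
        ids_by_ip[ip].add(station)
        if station not in known:
            # Identifier that is not in the station inventory.
            alerts.append((ts, "unknown_identifier", ip, station))
        elif known[station] != ip:
            # Known identifier presented from an address outside the allowlist.
            alerts.append((ts, "unexpected_source", ip, station))
    # One address presenting several station identifiers.
    for ip, ids in sorted(ids_by_ip.items()):
        if len(ids) > max_ids_per_ip:
            alerts.append((None, "multiple_identifiers", ip, tuple(sorted(ids))))
    return alerts

if __name__ == "__main__":
    for alert in find_anomalies(SAMPLE_LOG):
        print(alert)
```

Sites where several stations share one NAT address would need a higher `max_ids_per_ip` and a set of expected addresses per station instead of a single value.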

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability represents a fundamental security failure in the charging infrastructure's communication layer. Organizations must prioritize the implementation of robust authentication for all OCPP communications. Immediate patching and the use of mutual TLS (mTLS) are strongly recommended to secure these endpoints against impersonation.