An unauthenticated attacker can exploit a lack of authentication in OCPP WebSocket endpoints to gain unauthorized control over charging infrastructure and escalate privileges.

The vulnerability exists because WebSocket endpoints fail to validate the identity of connecting chargers. An unauthenticated attacker can bypass security controls by using a known charging station identifier to intercept or forge OCPP commands.

The potential for unauthorized manipulation of charging data and infrastructure control poses a severe threat to operational continuity. With a CVSS score of 9.4, this vulnerability could result in significant financial loss, data corruption within the charging network, and safety risks associated with unmanaged power equipment.

Immediate Action: Deploy the latest security updates from the vendor immediately to enforce robust authentication for all charging station connections.

Proactive Monitoring: Enable detailed logging for WebSocket handshakes and monitor for anomalies, such as multiple concurrent connections using the same station identifier.

Compensating Controls: Utilize a Web Application Firewall (WAF) capable of inspecting WebSocket traffic or implement mTLS (Mutual TLS) to ensure only authorized hardware can connect.

Public Exploit Available: No

The severity of this vulnerability necessitates immediate remediation. Organizations should prioritize patching all affected OCPP-compliant gateways and backend systems to prevent unauthorized station impersonation and protect the integrity of the charging network.