by throwawaaarrgh 1322 days ago
Chargers use an open protocol called OCPP. There are several versions, and the older ones use XML and I would guess are likely targets for various attacks. The later ones with JSON are probably also vulnerable but with a smaller number of attacks.

There are many different implementations, and different charging vendors tend to have varying degrees of functionality, so I would expect a pretty wide assortment of vulnerable chargers (and backend servers). A lot of them also seem to only communicate via static IPs.