Researchers at the PWN2WAN AUTOMOTIVE 2024 competition, held in Tokyo in January of this year, uncovered vulnerabilities in three different electric vehicle chargers: Autel Maxicharger, Chargepoint Home Flex 40. Of particular interest was the successful code execution on the Autel Maxicharger device through Bluetooth without any additional conditions, as detailed in a report.
The Autel Maxicharger charger is equipped with various hardware functions like Wi-Fi, Ethernet, Bluetooth, 4G LTE, RFID reader, and a touch screen. The research team identified critical vulnerabilities, including bypassing authentication via Bluetooth (CVE-2024-23958) and two buffer overflow vulnerabilities (CVE-2024-23959 and CVE-2024-23967), enabling full control of the device by attackers.
One of the challenges faced by the researchers was extracting the device firmware. They eventually succeeded by deciphering update links via character substitution and analyzing the firmware. They discovered a bug in the Bluetooth authentication process, allowing unauthorized connections without the authentication code.
Another vulnerability in Bluetooth data processing led to buffer overflow and execution of arbitrary code on the device, potentially allowing malicious reprogramming that could damage the vehicle or charger. Additionally, hackers could exploit the charger’s public use feature to manipulate energy consumption reports for fraudulent purposes.
The researchers emphasized the importance of regular firmware updates and rigorous security assessments for electric vehicle chargers, as many are susceptible to various cyber attacks. While Autel promptly issued patches, continued vigilance is necessary to safeguard the infrastructure supporting electric vehicles and prevent potential attacks on city energy systems.
These findings highlight the need for enhanced security measures to protect the evolving infrastructure of electric vehicle charging stations and mitigate the risk of cyber threats affecting both individual vehicles and broader energy systems.