Analysts at U.K. cybersecurity firm Pen Test Partners have identified flaws in the application programming interfaces of six home electric vehicle (EV) charging brands, as well as the Chargepoint public EV charging station network.
Pen Test analyst Vangelis Stykas found several vulnerabilities that could enable hackers to commandeer user accounts, hinder charging, and repurpose a charger as a backdoor into the owner's home network.
The Chargepoint flaw, meanwhile, could let hackers steal electricity and shift the cost to driver accounts, and activate or deactivate chargers.
Some EV chargers use a Raspberry Pi compute module, a popular low-cost computer that Pen Test’s Ken Munro said is unsuitable for commercial applications due to its lack of a secure bootloader.
Charger manufacturers have corrected most of the issues, but the flaws' existence highlights the poor regulation of Internet of Things devices.
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found