SWITCH EV swtchenergy.com
Summary
CISA has issued an alert regarding vulnerabilities in SWITCH EV swtchenergy.com charging stations. Successful exploitation could allow attackers to impersonate charging stations, hijack sessions, cause denial of service, and manipulate backend data; multiple CVEs are associated with the affected versions.
IFF Assessment
Multiple vulnerabilities in EV charging stations could be exploited by attackers.
Severity
Defender Context
Defenders in the energy and transportation sectors should be aware of these vulnerabilities and monitor for related threat activity. The lack of vendor response to CISA's request for coordination is concerning and highlights the importance of proactive vulnerability management. Insufficient authentication and session management are common weaknesses in IoT devices, requiring vigilant security practices.