Mobiliti e-mobi.hu
Summary
Multiple vulnerabilities have been identified in Mobiliti e-mobi.hu charging stations, including missing authentication for critical functions and improper restriction of excessive authentication attempts. Successful exploitation could allow attackers to gain administrative control or disrupt charging services.
IFF Assessment
The identified vulnerabilities grant attackers the ability to gain unauthorized administrative control over critical infrastructure, posing a significant risk to operational integrity.
Severity
Defender Context
Defenders should be aware of the risks associated with unsecured WebSocket endpoints in industrial control systems like EV charging stations. This incident highlights the need for robust authentication and authorization mechanisms in IoT devices, especially those in critical infrastructure.