Hardy Barth Salia EV Charge Controller
Summary
Multiple vulnerabilities have been identified in the Hardy Barth Salia EV Charge Controller, affecting firmware versions 2.3.81 and earlier. Exploitation can crash the device, and a buffer overflow condition might allow remote code execution.
IFF Assessment
The identified vulnerabilities allow for potential remote code execution and denial-of-service conditions, posing a direct threat to the integrity and availability of critical infrastructure systems.
Severity
The CVSS score of 7.3 indicates High severity, reflecting the potential for remote code execution via an unrestricted file upload vulnerability, which can significantly impact the confidentiality, integrity, and availability of the affected device.
Defender Context
Defenders should prioritize patching or mitigating vulnerabilities in OT devices, especially those in critical infrastructure sectors like Energy and Transportation Systems. The lack of vendor response highlights the importance of proactive security assessments and potential vendor engagement for securing vulnerable systems.