NIST Cybersecurity Framework for EV Extreme Fast Charging Infrastructure
The Electric Vehicle and Extreme Fast Charging (EV/XFC) networks and infrastructure. The newly officialized framework combines industry standards and best practices for securing the evolving EV charging sites and networks.
ABB Terra AC Improper Authentication Can Lead To EVSE Takeover (CVE 2023-0863 & CVE 2023-0864)
The SaiFlow research team has discovered two vulnerabilities in high severity allowing remote and unauthorized users, within the range of BLE to takeover the EV charger.
The Impact of API Vulnerabilities on CSMS Services & Charging Network Operators – The Use Case of ABB ChargerSync
SaiFlow research team discovered multiple critical vulnerabilities in ChargerSync CSMS allowing adversaries to access customers’ personal information and disrupt charging operations.
May 2023 Security Advisory for ABB Terra AC Charging Station
On May 17, 2023, ABB published an advisory for CVE-2023-0863 & CVE-2023-0864, an Authentication Bypass and Plaintext Communication vulnerabilities…
Free Vending Mode Security Best Practices
Threat actors could abuse Free Vend functionality to perform energy theft by abusing the CSMS of public and private EV fleet charging sites.
NEVI Program Cybersecurity Requirements
Understand NEVI cybersecurity requirements to enhance your offering and maximize your site’s NEVI scoring criteria with Saiflow’s platform.
How Mishandling of WebSockets Can Cause DoS and Energy Theft
The SaiFlow Research Team recently discovered a flaw in the implementations of management systems for Smart EV charger points (Charging Stations Management Systems – CSMS) allowing attackers to cause Denial of Services (DoS) and perform energy theft.
Hijacking EV Charge Points to Cause DoS
Cyber attackers can disable EV Charge Point and cause DoS, by exploiting Open Charge Point Protocol (OCPP). The attack method combines two new vulnerabilities that were found…
Federal officials eye path forward for EV cybersecurity
Federal officials are examining what role they should play in strengthening the cybersecurity of electric vehicles…