SaiFlow's Blog

Featured

ABB Terra AC Buffer Overflow Vulnerability (CVE-2025-5517)

The SaiFlow research team has uncovered a buffer overflow vulnerability in ABB Terra AC chargers, that compromises system integrity. We have demonstrated how we can trigger Denial-of-Service (DoS), making the charger inoperative and unresponsive. The vulnerability could potentially be exploited to achieve RCE. Exploitation of the vulnerability requires MITM capabilities with unencrypted communication, or a compromised Charging Station Management System (CSMS).

Latest insights and industry updates

image of a traffic control center (for a mobility and transportation)

Top Cybersecurity Risk Management Strategies For The EV Revolution

Outline of the cyber risks that CPOs need to be aware of and a guide of the essential steps to implement an effective risk management strategy.
image of a traffic control center (for a mobility and transportation)

Exploiting Hidden Supply-Chain Vulnerabilities to Attack EV Chargers and CPOs

The SaiFlow’s Research Team found several high-risk vulnerabilities and severe supply chain attack vectors within EV charging stations, which could be exploited by unauthorized users to inflict various types of damage
image of a traffic control center (for a mobility and transportation)

Fortifying EV Charging Networks: Navigating the NIS2 Cybersecurity Directive with SaiFlow

The NIS2 directive, adopted in November 2022 and set to become applicable also on the EV charging sector in October 2024, marks a significant milestone in the EU's cybersecurity efforts. Building upon the original NIS directive, NIS2 expands its scope to cover essential additional entities in critical sectors.
image of a traffic control center (for a mobility and transportation)

The EV Charging Security Dilemma

On the requirements of EV Charging Security Infrastructure and why relying solely on the individual Electric Vehicle Supply Equipment (EVSE) vendors or Charge Point Operators (CPOs) is not enough.
image of a traffic control center (for a mobility and transportation)

SaiFlow and Check Point Software Technologies Partner to Secure EV Charging Sites and Distributed Energy Networks

The rapid adoption of Electric Vehicles (EVs) has spurred the growth of EV Charging Stations and Distributed Energy Resources installations
image of a traffic control center (for a mobility and transportation)

eMSP and CPOs Could Expose EV Chargers to OCPP Hijacking

The SaiFlow research team discovered how an adversary can abuse leaked charging stations’ identifiers to perform a wide-scale DoS attack on the public charging infrastructure.