SaiFlow's Blog

Featured

ABB Terra AC Buffer Overflow Vulnerability (CVE-2025-5517)

The SaiFlow research team has uncovered a buffer overflow vulnerability in ABB Terra AC chargers, that compromises system integrity. We have demonstrated how we can trigger Denial-of-Service (DoS), making the charger inoperative and unresponsive. The vulnerability could potentially be exploited to achieve RCE. Exploitation of the vulnerability requires MITM capabilities with unencrypted communication, or a compromised Charging Station Management System (CSMS).

Latest insights and industry updates

image of a traffic control center (for a mobility and transportation)

How Mishandling of WebSockets Can Cause DoS and Energy Theft

The SaiFlow Research Team recently discovered a flaw in the implementations of management systems for Smart EV charger points (Charging Stations Management Systems – CSMS) allowing attackers to cause Denial of Services (DoS) and perform energy theft.
image of a traffic control center (for a mobility and transportation)

Hijacking EV Charge Points to Cause DoS

Cyber attackers can disable EV Charge Point and cause DoS, by exploiting Open Charge Point Protocol (OCPP). The attack method combines two new vulnerabilities that were found...