CVE-2024-4622

EUVD-2024-44230
If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface 
protected by authentication. If the default credentials are not changed,
 an attacker can use public knowledge to access the device as an 
administrator.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02
https://industrydecarbonization.com/news/insecure-password-allowed-administrative-access-to-electric-vehicle-chargers.html
https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02