CVE-2024-4622

If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface 
protected by authentication. If the default credentials are not changed,
 an attacker can use public knowledge to access the device as an 
administrator.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
icscertCNA
---
---
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02
https://industrydecarbonization.com/news/insecure-password-allowed-administrative-access-to-electric-vehicle-chargers.html
https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-02