Risk Summary
Successful exploitation of this vulnerability could allow an attacker to access sensitive information, such as credentials, which could subsequently enable them to cause a denial of service or a partial loss of integrity of the charger.
CVEs (1)
Remediations
- Vestel strongly suggests that users of the affected AC chargers update to V3.187 or any higher version.
- Vestel also recommends the following mitigations to reduce risk:
  - Avoid using open networks:
    - Use secure methods like Virtual Private Networks (VPNs) for remote access. Regularly update VPNs to their latest versions and ensure that connected devices maintain strong security measures.
    - Reduce network exposure for applications and endpoints. Only make them accessible via the Internet if specifically designed for and required by their intended use.
  - Login Credentials Management:
    - Require end users to change the factory-default username and password of the webconfig page.
    - Remove from the web any printed documents, such as the installation guide, instruction book, or quick start guide, in which login credentials are featured.
- Please refer to Vestel's advisory for more information.
Affected Vendors
Vestel
Affected Products (1)
Vestel · AC Charger EVC04 · 3.75.0
Affected Sectors
Transportation Systems