CVE-2024-43649
📋 TL;DR
Authenticated command injection in Iocharger AC charging station firmware allows attackers with low-privilege accounts to execute arbitrary commands as root via manipulated filename parameters. This affects Iocharger AC model firmware versions before 24120701, potentially giving attackers full control over charging stations.
💻 Affected Systems
- Iocharger AC charging stations
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attacker gains root access to charging station, modifies firmware, disables safety systems, pivots to internal networks, and causes physical damage or electrical hazards.
Likely Case
Attacker compromises charging station to steal credentials, install backdoors, disrupt charging operations, or use as pivot point for network attacks.
If Mitigated
With network segmentation and strict access controls, impact limited to isolated charging station with no network propagation.
🎯 Exploit Status
Requires reverse engineering or extensive testing to identify vulnerable parameter; authentication required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 24120701
Vendor Advisory: https://iocharger.com
Restart Required: No
Instructions:
1. Download firmware version 24120701 from the Iocharger website.
2. Log into the charging station web interface.
3. Navigate to the firmware update section.
4. Upload and apply the new firmware.
5. Verify the version update.
🔧 Temporary Workarounds
Network segmentation
Isolate charging stations on a separate VLAN with no internet access and restricted internal connectivity.
Access control hardening
Implement strong authentication, disable default accounts, limit user privileges, and monitor authentication logs.
🧯 If You Can't Patch
- Disable remote web interface access and require physical/local access only
- Implement strict network firewall rules blocking all unnecessary ports to charging stations
🔍 How to Verify
Check if Vulnerable:
Check firmware version in web interface admin panel; versions below 24120701 are vulnerable.
Check Version:
Login to web interface and navigate to System Information or Firmware Status page.
Verify Fix Applied:
Confirm firmware version shows 24120701 or higher in admin interface.
📡 Detection & Monitoring
Log Indicators:
- Unusual filename patterns in web requests
- Multiple authentication attempts followed by command execution patterns
- Root privilege escalation in system logs
Network Indicators:
- Unusual outbound connections from charging stations
- Command injection patterns in HTTP requests to web interface
SIEM Query:
source="web_logs" AND url="*<redacted>.exe*" AND (filename="*;*" OR filename="*|*" OR filename="*`*" OR filename="*$(*")
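As an added example (not part of this advisory and not vendor code), the following Python script applies the log indicator above, shell metacharacters `;`, `|`, backtick and `$(` in a `filename` parameter, to constructed web-server access-log lines. It URL-decodes the parameter before matching, which a raw wildcard match such as the SIEM query misses when the metacharacter arrives encoded (`%3B`). The log field layout and the CGI path are assumptions.

```python
import re
from urllib.parse import urlsplit, unquote

# Shell metacharacters listed in the advisory's SIEM query: ; | ` $(
INJECTION_RE = re.compile(r"[;|`]|\$\(")

# Combined-log-format line: client, ident, user, [time], "METHOD target HTTP/x".
# Field layout is an assumption; adapt it to the charger's actual log format.
LOG_RE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "\w+ (\S+) HTTP/')


def filename_values(request_target):
    """Return every 'filename' query value, URL-decoded twice so that
    single- and double-encoded metacharacters (%3B, %253B) are exposed."""
    query = urlsplit(request_target).query
    values = []
    for pair in query.split("&"):
        key, _, value = pair.partition("=")
        if key == "filename":
            values.append(unquote(unquote(value)))
    return values


def scan_logs(lines):
    """Return (client_ip, user, decoded_filename) for each request whose
    filename parameter contains an injection metacharacter."""
    alerts = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that do not parse as access-log entries
        client, user, target = match.groups()
        for value in filename_values(target):
            if INJECTION_RE.search(value):
                alerts.append((client, user, value))
    return alerts


# Constructed sample log lines (not real traffic); the CGI path is a placeholder.
SAMPLE_LOGS = [
    '10.0.0.5 - admin [01/Dec/2024:10:00:01 +0000] "GET /upload.cgi?filename=image.bin HTTP/1.1" 200 512',
    '10.0.0.9 - user1 [01/Dec/2024:10:00:07 +0000] "GET /upload.cgi?filename=a.bin;id HTTP/1.1" 200 512',
    '10.0.0.9 - user1 [01/Dec/2024:10:00:09 +0000] "GET /upload.cgi?filename=a.bin%3Bid HTTP/1.1" 200 512',
    '10.0.0.9 - user1 [01/Dec/2024:10:00:11 +0000] "POST /upload.cgi?filename=%2524%2528id%2529 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for client, user, value in scan_logs(SAMPLE_LOGS):
        print(f"ALERT client={client} user={user} filename={value!r}")
```

The third and fourth sample lines are flagged only because of the decoding step; a wildcard match on the raw request string would pass them as clean.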