CVE-2025-5824

Q: What is the severity of CVE-2025-5824?

CVE-2025-5824 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers within Bluetooth range to bypass authentication on Autel MaxiCharger AC Wallbox Commercial electric vehicle charging stations. Attackers must first pair a malicious Bluetooth device with the target system, then exploit insufficient origin validation to gain unauthorized access. This affects organizations using these charging stations in commercial settings.

7.5 HIGH

Authentication Bypass

📋 TL;DR

This vulnerability allows attackers within Bluetooth range to bypass authentication on Autel MaxiCharger AC Wallbox Commercial electric vehicle charging stations. Attackers must first pair a malicious Bluetooth device with the target system, then exploit insufficient origin validation to gain unauthorized access. This affects organizations using these charging stations in commercial settings.

💻 Affected Systems

Products:

Autel MaxiCharger AC Wallbox Commercial

Versions: Specific versions not disclosed in advisory

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: All default configurations appear vulnerable. Requires physical proximity for Bluetooth pairing.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full administrative control of charging stations, enabling them to disable charging, manipulate pricing, steal user data, or cause physical damage to connected vehicles.

🟠

Likely Case

Attackers bypass authentication to access charging station management functions, potentially disrupting charging operations or accessing user information.

🟢

If Mitigated

With proper network segmentation and Bluetooth security controls, impact is limited to isolated charging stations with minimal data exposure.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires Bluetooth pairing capability and physical proximity. No authentication needed after successful pairing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in advisory

Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-25-343/

Restart Required: Yes

Instructions:

1. Contact Autel support for firmware updates. 2. Download latest firmware from Autel portal. 3. Apply update via management interface. 4. Restart charging station.

🔧 Temporary Workarounds

Disable Bluetooth when not needed

all

Turn off Bluetooth functionality on charging stations except during maintenance periods

Implement physical security controls

all

Restrict physical access to charging stations to prevent unauthorized Bluetooth pairing

🧯 If You Can't Patch

Segment charging station network from critical infrastructure
Implement continuous monitoring for unauthorized Bluetooth connections

🔍 How to Verify

Check if Vulnerable:

Check firmware version against Autel's security advisory. If running vulnerable firmware and Bluetooth is enabled, system is vulnerable.

Check Version:

Check via charging station management interface or contact Autel support

Verify Fix Applied:

Verify firmware version matches patched version from Autel advisory and test authentication controls.

📡 Detection & Monitoring

Log Indicators:

Unexpected Bluetooth pairing events
Authentication bypass attempts
Unusual administrative access patterns

Network Indicators:

Unauthorized Bluetooth MAC addresses connecting to charging stations

SIEM Query:

source="charging_station" AND (event="bluetooth_pairing" OR event="auth_bypass")

📊 Metadata

CVE ID: CVE-2025-5824

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-346

EPSS Score: 0.01% exploit probability (0.6th percentile)

Published: June 25, 2025

Last Updated: September 10, 2025

🔗 References

https://www.zerodayinitiative.com/advisories/ZDI-25-343/ Third Party Advisory