Search criteria
3 vulnerabilities found for Combined Charging System by Combined Charging System
VAR-202204-1428
Vulnerability from variot - Updated: 2025-01-30 20:24Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards. combined charging system project of combined charging system Firmware has a lack of authentication vulnerability for critical functionality.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-1428",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "combined charging system",
"scope": "lte",
"trust": 1.0,
"vendor": "combined charging system",
"version": "2.0"
},
{
"model": "combined charging system",
"scope": "eq",
"trust": 0.8,
"vendor": "combined charging system",
"version": null
},
{
"model": "combined charging system",
"scope": null,
"trust": 0.8,
"vendor": "combined charging system",
"version": null
},
{
"model": "combined charging system",
"scope": "lte",
"trust": 0.8,
"vendor": "combined charging system",
"version": "combined charging system firmware 2.0 and earlier"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"cve": "CVE-2022-0878",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2022-0878",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-0878",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "vulnerability@ncsc.ch",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"id": "CVE-2022-0878",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-0878",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-0878",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "vulnerability@ncsc.ch",
"id": "CVE-2022-0878",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-0878",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-3148",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 \u0026 ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards. combined charging system project of combined charging system Firmware has a lack of authentication vulnerability for critical functionality.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-0878"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "VULMON",
"id": "CVE-2022-0878"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-0878",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008564",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3148",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-0878",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2022-0878"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"id": "VAR-202204-1428",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"vehicle device"
],
"sub_category": "vehicle",
"trust": 0.1
},
{
"category": [
"vehicle device"
],
"sub_category": "vehicle charger",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:24:56.609000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.brokenwire.fail/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0878"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-0878/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2022-0878"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2022-0878"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-0878"
},
{
"date": "2023-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"date": "2022-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"date": "2022-04-12T12:15:08.623000",
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-0878"
},
{
"date": "2023-07-27T08:19:00",
"db": "JVNDB",
"id": "JVNDB-2022-008564"
},
{
"date": "2022-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3148"
},
{
"date": "2024-11-21T06:39:35.043000",
"db": "NVD",
"id": "CVE-2022-0878"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "combined\u00a0charging\u00a0system\u00a0project\u00a0 of \u00a0combined\u00a0charging\u00a0system\u00a0 Vulnerability related to lack of authentication for critical functions in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008564"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3148"
}
],
"trust": 0.6
}
}
CVE-2022-0878 (GCVE-0-2022-0878)
Vulnerability from nvd – Published: 2022-04-12 12:00 – Updated: 2024-09-16 23:40
VLAI
Title
Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service
Summary
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards.
Severity
4.6 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.brokenwire.fail/ | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Combined Charging System | Combined Charging System |
Affected:
Current version , ≤ 2.0
(custom)
|
|
| Combined Charging System | HomePlug GreenPHY |
Affected:
Current version , ≤ 1.1
(custom)
|
Date Public
2022-08-01 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:04.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.brokenwire.fail/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Combined Charging System",
"vendor": "Combined Charging System",
"versions": [
{
"lessThanOrEqual": "2.0",
"status": "affected",
"version": "Current version",
"versionType": "custom"
}
]
},
{
"product": "HomePlug GreenPHY",
"vendor": "Combined Charging System",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "Current version",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sebastian K\u00f6hler, University of Oxford"
},
{
"lang": "en",
"value": "Richard Baker, University of Oxford"
},
{
"lang": "en",
"value": "Martin Strohmeier, Armasuisse S+T"
},
{
"lang": "en",
"value": "Ivan Martinovic, University of Oxford"
}
],
"datePublic": "2022-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 \u0026 ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-12T12:00:23.000Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.brokenwire.fail/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service",
"workarounds": [
{
"lang": "en",
"value": "Using stronger shielded cables and securing the physical paramater might reducing the viability of this attack.\nRight now, the only way to prevent the attack is not to charge on a DC rapid charger."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Brokenwire",
"ASSIGNER": "vulnerability@ncsc.ch",
"DATE_PUBLIC": "2022-08-01T06:41:00.000Z",
"ID": "CVE-2022-0878",
"STATE": "PUBLIC",
"TITLE": "Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Combined Charging System",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Current version",
"version_value": "2.0"
}
]
}
},
{
"product_name": "HomePlug GreenPHY",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Current version",
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "Combined Charging System"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sebastian K\u00f6hler, University of Oxford"
},
{
"lang": "eng",
"value": "Richard Baker, University of Oxford"
},
{
"lang": "eng",
"value": "Martin Strohmeier, Armasuisse S+T"
},
{
"lang": "eng",
"value": "Ivan Martinovic, University of Oxford"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 \u0026 ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.brokenwire.fail/",
"refsource": "CONFIRM",
"url": "https://www.brokenwire.fail/"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Using stronger shielded cables and securing the physical paramater might reducing the viability of this attack.\nRight now, the only way to prevent the attack is not to charge on a DC rapid charger."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2022-0878",
"datePublished": "2022-04-12T12:00:23.108Z",
"dateReserved": "2022-03-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:40:53.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0878 (GCVE-0-2022-0878)
Vulnerability from cvelistv5 – Published: 2022-04-12 12:00 – Updated: 2024-09-16 23:40
VLAI
Title
Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service
Summary
Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards.
Severity
4.6 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.brokenwire.fail/ | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Combined Charging System | Combined Charging System |
Affected:
Current version , ≤ 2.0
(custom)
|
|
| Combined Charging System | HomePlug GreenPHY |
Affected:
Current version , ≤ 1.1
(custom)
|
Date Public
2022-08-01 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:04.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.brokenwire.fail/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Combined Charging System",
"vendor": "Combined Charging System",
"versions": [
{
"lessThanOrEqual": "2.0",
"status": "affected",
"version": "Current version",
"versionType": "custom"
}
]
},
{
"product": "HomePlug GreenPHY",
"vendor": "Combined Charging System",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "Current version",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sebastian K\u00f6hler, University of Oxford"
},
{
"lang": "en",
"value": "Richard Baker, University of Oxford"
},
{
"lang": "en",
"value": "Martin Strohmeier, Armasuisse S+T"
},
{
"lang": "en",
"value": "Ivan Martinovic, University of Oxford"
}
],
"datePublic": "2022-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 \u0026 ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-12T12:00:23.000Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.brokenwire.fail/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service",
"workarounds": [
{
"lang": "en",
"value": "Using stronger shielded cables and securing the physical paramater might reducing the viability of this attack.\nRight now, the only way to prevent the attack is not to charge on a DC rapid charger."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Brokenwire",
"ASSIGNER": "vulnerability@ncsc.ch",
"DATE_PUBLIC": "2022-08-01T06:41:00.000Z",
"ID": "CVE-2022-0878",
"STATE": "PUBLIC",
"TITLE": "Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Combined Charging System",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Current version",
"version_value": "2.0"
}
]
}
},
{
"product_name": "HomePlug GreenPHY",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Current version",
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "Combined Charging System"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sebastian K\u00f6hler, University of Oxford"
},
{
"lang": "eng",
"value": "Richard Baker, University of Oxford"
},
{
"lang": "eng",
"value": "Martin Strohmeier, Armasuisse S+T"
},
{
"lang": "eng",
"value": "Ivan Martinovic, University of Oxford"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 \u0026 ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.brokenwire.fail/",
"refsource": "CONFIRM",
"url": "https://www.brokenwire.fail/"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Using stronger shielded cables and securing the physical paramater might reducing the viability of this attack.\nRight now, the only way to prevent the attack is not to charge on a DC rapid charger."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2022-0878",
"datePublished": "2022-04-12T12:00:23.108Z",
"dateReserved": "2022-03-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:40:53.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}