Search
Find a vulnerability
Search criteria
2 vulnerabilities found for id.charger_connect_firmware by vw
CVE-2024-5684 (GCVE-0-2024-5684)
Vulnerability from nvd – Published: 2024-06-06 12:54 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
ID Charger Connect & Pro - JWT-Null-Algorithm
Summary
An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept "none"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Volkswagen Group Charging GmbH - Elli, EVBox | ID Charger Connect & Pro |
Affected:
SPR3.2B
Affected: SPR3.51 Affected: SPR3.52 |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.2b
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.2b:*:*:*:*:*:*:* |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.51
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.51:*:*:*:*:*:*:* |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.52
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.52:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.2b:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.2b"
}
]
},
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.51:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.51"
}
]
},
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.52:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.52"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T13:27:31.304336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:40:30.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://asrg.io/security-advisories/vulnerability-in-id-charger-connect-and-pro-from-volkswagen-group-charging-gmbh-elli-evbox-versions-spr3-2b-spr3-51-and-spr3-52/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ID Charger Connect \u0026 Pro",
"vendor": "Volkswagen Group Charging GmbH - Elli, EVBox",
"versions": [
{
"status": "affected",
"version": "SPR3.2B"
},
{
"status": "affected",
"version": "SPR3.51"
},
{
"status": "affected",
"version": "SPR3.52"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Anna Breeva (PCAutomotive)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept \"none\"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism."
}
],
"value": "An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept \"none\"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T12:54:09.480Z",
"orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"shortName": "ASRG"
},
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerability-in-id-charger-connect-and-pro-from-volkswagen-group-charging-gmbh-elli-evbox-versions-spr3-2b-spr3-51-and-spr3-52/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ID Charger Connect \u0026 Pro - JWT-Null-Algorithm",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"assignerShortName": "ASRG",
"cveId": "CVE-2024-5684",
"datePublished": "2024-06-06T12:54:09.480Z",
"dateReserved": "2024-06-06T12:47:48.760Z",
"dateUpdated": "2024-08-01T21:18:06.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5684 (GCVE-0-2024-5684)
Vulnerability from cvelistv5 – Published: 2024-06-06 12:54 – Updated: 2024-08-01 21:18
VLAI
EPSS
VEX
Title
ID Charger Connect & Pro - JWT-Null-Algorithm
Summary
An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept "none"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Volkswagen Group Charging GmbH - Elli, EVBox | ID Charger Connect & Pro |
Affected:
SPR3.2B
Affected: SPR3.51 Affected: SPR3.52 |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.2b
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.2b:*:*:*:*:*:*:* |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.51
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.51:*:*:*:*:*:*:* |
|
| volkswagen_group_charging_gmbh_elli_evbox | id_charger_connect_and_pro |
Affected:
spr3.52
cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.52:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.2b:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.2b"
}
]
},
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.51:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.51"
}
]
},
{
"cpes": [
"cpe:2.3:a:volkswagen_group_charging_gmbh_elli_evbox:id_charger_connect_and_pro:spr3.52:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "id_charger_connect_and_pro",
"vendor": "volkswagen_group_charging_gmbh_elli_evbox",
"versions": [
{
"status": "affected",
"version": "spr3.52"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T13:27:31.304336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:40:30.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://asrg.io/security-advisories/vulnerability-in-id-charger-connect-and-pro-from-volkswagen-group-charging-gmbh-elli-evbox-versions-spr3-2b-spr3-51-and-spr3-52/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ID Charger Connect \u0026 Pro",
"vendor": "Volkswagen Group Charging GmbH - Elli, EVBox",
"versions": [
{
"status": "affected",
"version": "SPR3.2B"
},
{
"status": "affected",
"version": "SPR3.51"
},
{
"status": "affected",
"version": "SPR3.52"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Anna Breeva (PCAutomotive)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept \"none\"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism."
}
],
"value": "An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. However, an attacker will not have developer or admin rights. If the implementation of the JWT-library is wrongly configured to accept \"none\"-algorithms, the server will pass insecure JWT. A local, unauthenticated attacker can exploit this vulnerability to bypass the authentication mechanism."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T12:54:09.480Z",
"orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"shortName": "ASRG"
},
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerability-in-id-charger-connect-and-pro-from-volkswagen-group-charging-gmbh-elli-evbox-versions-spr3-2b-spr3-51-and-spr3-52/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ID Charger Connect \u0026 Pro - JWT-Null-Algorithm",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"assignerShortName": "ASRG",
"cveId": "CVE-2024-5684",
"datePublished": "2024-06-06T12:54:09.480Z",
"dateReserved": "2024-06-06T12:47:48.760Z",
"dateUpdated": "2024-08-01T21:18:06.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}