cvedb.io
CVE-2022-0878
MEDIUM · CVSS 4.6
EPSS exploitation probability: 0%
Published 2022-04-12T12:15:08.623 · Last modified 2026-06-17T04:21:24.963

Summary

Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m

Affected products

combined_charging_system_project — combined_charging_system_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when combined_charging_system_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.