
CVE-2025-25271: CWE-1188 Insecure Default Initialization of Resource in Phoenix Contact CHARX SEC-3150

Severity: High
Type: Vulnerability
Tags: CVE-2025-25271, cve, cve-2025-25271, cwe-1188
Published: Tue Jul 08 2025 (07/08/2025, 07:01:33 UTC)
Source: CVE Database V5
Vendor/Project: Phoenix Contact
Product: CHARX SEC-3150

Description

An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.

AI-Powered Analysis

Last updated: 07/22/2025, 20:20:25 UTC

Technical Analysis

CVE-2025-25271 is a high-severity vulnerability affecting the Phoenix Contact CHARX SEC-3150 device, which is a product likely used in electric vehicle charging infrastructure. The vulnerability is classified under CWE-1188, indicating an insecure default initialization of a resource. Specifically, the issue arises from insecure default settings in the device's configuration interface that allow an unauthenticated attacker located on an adjacent network segment to configure a new Open Charge Point Protocol (OCPP) backend. OCPP is a standardized protocol used for communication between electric vehicle charging stations and central management systems. By exploiting this vulnerability, an attacker can redirect or manipulate the charging station's backend communications without requiring any authentication or user interaction.

The CVSS v3.1 score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) reflects the high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges or user interaction needed, but requiring adjacent network access. The vulnerability was published on July 8, 2025, and no known exploits are currently reported in the wild. The affected version is listed as 0.0.0, which likely indicates an initial or default firmware version.

The root cause is insecure default initialization, meaning the device ships with configuration settings that expose the configuration interface without proper access controls, enabling unauthorized configuration changes. This can lead to full compromise of the charging station's communication backend, potentially allowing attackers to intercept, manipulate, or disrupt charging operations and data flows.

Potential Impact

For European organizations, especially those involved in electric vehicle infrastructure, utilities, and smart city deployments, this vulnerability poses significant risks. Compromise of the CHARX SEC-3150 devices could lead to unauthorized control over charging stations, enabling attackers to disrupt service availability, manipulate billing or usage data, or intercept sensitive information. This could undermine trust in EV infrastructure, cause financial losses, and impact critical energy management systems. Given the increasing adoption of electric vehicles and associated infrastructure across Europe, disruption or manipulation of charging stations could have cascading effects on transportation and energy sectors. Additionally, attackers could leverage compromised devices as footholds within industrial or critical infrastructure networks, potentially facilitating further lateral movement or attacks. The lack of authentication and user interaction requirements lowers the barrier for exploitation, increasing the likelihood of successful attacks in environments where network segmentation is insufficient. The impact on confidentiality, integrity, and availability is high, making this a critical concern for organizations managing or operating EV charging infrastructure in Europe.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should:

1) Immediately verify the firmware version of all Phoenix Contact CHARX SEC-3150 devices and apply any available vendor patches or firmware updates once released. Since no patch links are currently available, organizations should maintain close communication with Phoenix Contact for updates.
2) Implement strict network segmentation to isolate EV charging infrastructure from general enterprise and public networks, limiting adjacent network access to trusted administrators only.
3) Restrict access to the configuration interface using network-level controls such as firewalls, VLANs, or access control lists to prevent unauthorized adjacent attackers from reaching the device.
4) Monitor network traffic for anomalous configuration changes or unexpected OCPP backend reconfigurations, employing intrusion detection systems tailored to industrial protocols.
5) Enforce strong physical security controls to prevent unauthorized local network access near charging stations.
6) Conduct regular security audits and penetration testing focused on EV charging infrastructure to detect insecure default configurations or other vulnerabilities.
7) Develop incident response plans specific to EV infrastructure compromise scenarios to enable rapid containment and recovery.

These steps go beyond generic advice by focusing on network isolation, monitoring, and operational controls tailored to the unique context of EV charging systems.
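One way to implement the monitoring for unexpected OCPP backend reconfigurations recommended above, as an added example that is not part of the original advisory or any Phoenix Contact tooling. The snapshot format (JSON lines with `ts`, `charger`, `backend_url`), the allowlisted host and the sample records are constructed assumptions; how snapshots are collected from the device is outside its scope.

```python
import json
from urllib.parse import urlsplit

# Assumption: hosts of the operator's approved OCPP backends (placeholder name).
APPROVED_BACKENDS = frozenset({"ocpp.csms.example.net"})

# Constructed sample: configuration snapshots, one JSON object per line.
SAMPLE_SNAPSHOTS = """\
{"ts": "2025-07-09T08:00:00Z", "charger": "cp-001", "backend_url": "wss://ocpp.csms.example.net/cp-001"}
{"ts": "2025-07-09T08:00:00Z", "charger": "cp-002", "backend_url": "wss://ocpp.csms.example.net/cp-002"}
{"ts": "2025-07-09T09:00:00Z", "charger": "cp-001", "backend_url": "wss://ocpp.csms.example.net/cp-001"}
{"ts": "2025-07-09T09:00:00Z", "charger": "cp-002", "backend_url": "ws://192.0.2.40:9000/cp-002"}
not-json
"""


def audit_snapshots(text, approved=APPROVED_BACKENDS):
    """Return (ts, charger, reason) findings for suspicious backend settings."""
    last_url = {}  # charger id -> backend URL seen in the previous snapshot
    findings = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        try:
            rec = json.loads(raw)
            ts, charger, url = rec["ts"], rec["charger"], rec["backend_url"]
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
        except (ValueError, KeyError, TypeError, AttributeError):
            # A record that cannot be read is itself worth an analyst's look.
            findings.append((None, None, "unparseable-record"))
            continue
        reasons = []
        if charger in last_url and last_url[charger] != url:
            reasons.append("backend-changed")    # differs from last snapshot
        if host not in approved:
            reasons.append("host-not-approved")  # outside the allowlist
        if parts.scheme.lower() != "wss":
            reasons.append("no-tls")             # OCPP over plain WebSocket
        last_url[charger] = url
        findings.extend((ts, charger, r) for r in reasons)
    return findings


if __name__ == "__main__":
    for finding in audit_snapshots(SAMPLE_SNAPSHOTS):
        print(finding)
```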


Technical Details

Data Version: 5.1
Assigner Short Name: CERTVDE
Date Reserved: 2025-02-06T13:19:38.484Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686cc7a96f40f0eb72f25238

Added to database: 7/8/2025, 7:24:25 AM

Last enriched: 7/22/2025, 8:20:25 PM

Last updated: 8/8/2025, 8:57:19 PM
