
CVE-2025-48414: CWE-798 Use of Hard-coded Credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

Severity: Medium
Type: Vulnerability
Published: Wed May 21 2025 (05/21/2025, 11:40:50 UTC)
Source: CVE
Vendor/Project: eCharge Hardy Barth
Product: cPH2 / cPP2 charging stations

Description

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality, are likely intended for debugging during development, and provide an additional attack surface.

AI-Powered Analysis

Last updated: 07/06/2025, 04:57:04 UTC

Technical Analysis

CVE-2025-48414 is a medium-severity vulnerability identified in eCharge Hardy Barth's cPH2 and cPP2 electric vehicle charging stations, specifically in firmware versions up to 2.2.0. The vulnerability arises from the presence of hard-coded credentials embedded within several scripts accessible through the device's web interface. These credentials are undocumented and likely intended for debugging or administrative purposes during development but were not removed or properly secured before release. The scripts accessible via these credentials expose additional administrative and debug functionalities, thereby expanding the attack surface of the charging stations. The vulnerability is remotely exploitable over the network without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The impact primarily affects confidentiality and integrity, as unauthorized actors could gain access to administrative functions, potentially leading to unauthorized configuration changes or data exposure. However, availability is not directly impacted. No known exploits are currently reported in the wild, but the presence of hard-coded credentials is a well-known security anti-pattern that can be leveraged by attackers to gain persistent unauthorized access. Given the critical role of EV charging infrastructure in energy and transportation sectors, exploitation could have operational and reputational consequences.

Potential Impact

For European organizations, especially those operating or managing EV charging infrastructure, this vulnerability poses a significant risk. Unauthorized access to charging stations could allow attackers to manipulate charging operations, disrupt service availability indirectly, or harvest sensitive operational data. This could affect utilities, commercial charging networks, and public infrastructure providers, potentially undermining trust in EV infrastructure reliability. Furthermore, compromised charging stations could be used as footholds within broader operational technology (OT) or industrial control system (ICS) networks, increasing the risk of lateral movement and more extensive attacks. Given the increasing adoption of EVs and the EU's push for sustainable transportation, the affected devices are likely deployed across multiple countries, amplifying the potential impact. Confidentiality breaches could expose user data or operational parameters, while integrity violations could lead to unauthorized changes in charging behavior or firmware, potentially causing safety or financial issues.

Mitigation Recommendations

Organizations should prioritize updating affected charging stations to firmware versions beyond 2.2.0 once patches become available. In the absence of official patches, immediate mitigations include restricting network access to the charging stations' management interfaces by implementing network segmentation and firewall rules that limit access to trusted administrators only. Monitoring network traffic for unusual access patterns to the web interface scripts can help detect exploitation attempts. Additionally, organizations should conduct thorough audits of deployed devices to identify those running vulnerable firmware versions. Where possible, disable or remove debug and administrative scripts that are not required for normal operation. Vendors should be engaged to provide secure firmware updates and guidance on securely managing device credentials. Finally, integrating these devices into a broader security monitoring framework will help detect and respond to potential compromises swiftly.
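The device audit recommended above can be run against an asset inventory. The sketch below is an added example, not vendor or advisory code: it flags cPH2 / cPP2 units whose firmware falls in the affected range (up to 2.2.0) and lists those with an unrestricted management interface first. The CSV columns, host names, the `admin-vlan` label and the dotted firmware string format are assumptions.

```python
import csv
import io
import re

AFFECTED_MODELS = {"cph2", "cpp2"}   # products named in the advisory
LAST_AFFECTED = (2, 2, 0)            # advisory: firmware versions up to 2.2.0

# Constructed sample inventory; column names and hosts are assumptions.
SAMPLE_INVENTORY = """host,model,firmware,mgmt_reachable_from
charger-01.example.internal,cPH2,2.2.0,admin-vlan
charger-02.example.internal,cPP2,2.10.1,admin-vlan
charger-03.example.internal,cPH2,v2.1.4-rc1,any
charger-04.example.internal,cPP2,,admin-vlan
charger-05.example.internal,OtherModel,1.0.0,any
"""

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if no version is present."""
    m = re.search(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text or "")
    if not m:
        return None
    return tuple(int(p) if p else 0 for p in m.groups())

def audit(inventory_csv):
    """Return (host, status, exposed) per affected-model device, worst first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["model"].strip().lower() not in AFFECTED_MODELS:
            continue
        version = parse_version(row["firmware"])
        if version is None:
            status = "unknown"         # no firmware recorded: verify by hand
        elif version <= LAST_AFFECTED: # numeric compare, so 2.10.1 > 2.2.0
            status = "vulnerable"
        else:
            status = "above-range"     # newer than the affected range
        # Exposed = management interface not limited to the admin segment.
        exposed = row["mgmt_reachable_from"].strip() != "admin-vlan"
        findings.append((row["host"], status, exposed))
    rank = {"vulnerable": 0, "unknown": 1, "above-range": 2}
    return sorted(findings, key=lambda f: (rank[f[1]], not f[2], f[0]))

if __name__ == "__main__":
    for host, status, exposed in audit(SAMPLE_INVENTORY):
        print(f"{host:32} {status:12} exposed={exposed}")
```

Devices reported as `unknown` should be handled as vulnerable until their firmware version is confirmed on the unit itself.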


Technical Details

Data Version: 5.1
Assigner Short Name: SEC-VLab
Date Reserved: 2025-05-20T07:34:22.865Z
CISA Enriched: false
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682dbe9bc4522896dcbfc038

Added to database: 5/21/2025, 11:52:59 AM

Last enriched: 7/6/2025, 4:57:04 AM

Last updated: 8/13/2025, 8:28:09 AM
