
CVE-2025-5823: CWE-749: Exposed Dangerous Method or Function in Autel MaxiCharger AC Wallbox Commercial

Severity: Medium
Tags: Vulnerability, CVE-2025-5823, CWE-749
Published: Wed Jun 25 2025 (06/25/2025, 18:01:07 UTC)
Source: CVE Database V5
Vendor/Project: Autel
Product: Autel MaxiCharger AC Wallbox Commercial

Description

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26351.

AI-Powered Analysis

Last updated: 06/25/2025, 18:43:57 UTC

Technical Analysis

CVE-2025-5823 is a medium-severity vulnerability in the Autel MaxiCharger AC Wallbox Commercial electric vehicle (EV) charging station, reported against firmware version 1.36.00. The flaw is an exposed dangerous method within the Autel Technician API, the interface intended for authorized maintenance and diagnostic operations: an authenticated remote attacker can invoke the method to obtain sensitive information, including stored credentials, which can then be used to compromise the device further. The weakness is classified as CWE-749 (Exposed Dangerous Method or Function); here the consequence is information disclosure. Exploitation requires prior authentication, needs no user interaction, and is reachable over the network. The CVSS v3.0 base score is 4.9 (Medium). With a network attack vector, no user interaction and a confidentiality-only impact, that score corresponds to the vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, meaning the caller must already hold high-privileged credentials and the disclosure itself does not affect integrity or availability; the real risk is what the disclosed credentials unlock afterwards. No exploitation in the wild has been reported, and no patch is linked in this record. The CVE was reserved on June 6, 2025 and published on June 25, 2025. The affected product is a commercial EV charger deployed in public and private charging infrastructure and designed to integrate with broader energy and facility management systems.
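The pattern described above, as an added illustration that is not Autel's code and is not derived from the affected firmware: a hypothetical RPC-style dispatcher in which an internal debug method is reachable by name to any authenticated caller (CWE-749), beside a version that exports an explicit allowlist of methods with per-method role checks and redacts secret fields from whatever a handler returns. Method names, roles and configuration fields are assumptions.

```python
"""Exposed dangerous method (CWE-749) in an RPC-style API dispatcher.

Added illustration, not Autel's code: the method names, roles and config
fields are hypothetical. The vulnerable dispatcher checks that the caller
is authenticated but exports every handler it knows about, so a technician
account can call an internal method that returns stored credentials. The
hardened dispatcher exports an explicit allowlist, checks roles per method
and redacts secret fields.
"""
from dataclasses import dataclass

# Constructed device state; backend_password is the kind of secret a
# diagnostic method must never hand back to a caller.
DEVICE_CONFIG = {
    "serial": "SN-EXAMPLE-0001",                  # hypothetical
    "firmware": "1.36.00",
    "ocpp_backend": "wss://csms.example.invalid/ocpp",
    "backend_password": "s3cr3t-backend-pw",      # constructed secret
}


@dataclass(frozen=True)
class Caller:
    user: str
    role: str   # "technician" or "admin"


# ---- handlers -------------------------------------------------------------

def get_serial(cfg):
    """Legitimate diagnostic method: identity of the unit only."""
    return {"serial": cfg["serial"], "firmware": cfg["firmware"]}


def dump_config(cfg):
    """Internal debug helper: returns the whole config, secrets included."""
    return dict(cfg)


# ---- vulnerable dispatcher -------------------------------------------------

class VulnerableApi:
    """Authentication is enforced, but every known handler is callable by name."""
    HANDLERS = {"get_serial": get_serial, "dump_config": dump_config}

    def call(self, caller, method, cfg=DEVICE_CONFIG):
        if caller is None:
            raise PermissionError("authentication required")
        handler = self.HANDLERS.get(method)
        if handler is None:
            raise KeyError(method)
        return handler(cfg)          # no role check, no output filtering


# ---- hardened dispatcher ---------------------------------------------------

SECRET_FIELDS = {"backend_password"}


def redact(result):
    """Replace secret fields in a handler result; defence in depth."""
    return {k: ("<redacted>" if k in SECRET_FIELDS else v) for k, v in result.items()}


class HardenedApi:
    """Explicit export table: method -> (handler, roles allowed to call it).
    dump_config is deliberately absent: it is not an exported method."""
    EXPORTS = {
        "get_serial": (get_serial, {"technician", "admin"}),
    }

    def call(self, caller, method, cfg=DEVICE_CONFIG):
        if caller is None:
            raise PermissionError("authentication required")
        entry = self.EXPORTS.get(method)
        if entry is None:
            raise PermissionError(f"method not exported: {method}")
        handler, roles = entry
        if caller.role not in roles:
            raise PermissionError(f"role {caller.role} may not call {method}")
        return redact(handler(cfg))


if __name__ == "__main__":
    tech = Caller("tech01", "technician")
    print(VulnerableApi().call(tech, "dump_config"))   # leaks backend_password
    print(HardenedApi().call(tech, "get_serial"))
```

The point of the export table is that a method is unreachable unless someone consciously listed it; a reflection-style or "every handler by name" dispatcher makes any helper added for debugging part of the attack surface the moment it is compiled in.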

Potential Impact

For European organizations, the impact of this vulnerability could be significant in sectors relying heavily on EV infrastructure, such as transportation hubs, commercial real estate, and municipal services. Disclosure of credentials could allow attackers to gain unauthorized access to the charging station management interfaces, potentially leading to unauthorized control or manipulation of charging operations, theft of service, or pivoting to other internal networks. While the vulnerability does not directly affect system integrity or availability, the compromise of credentials can facilitate lateral movement or further attacks against critical infrastructure. Given the increasing adoption of EVs and charging infrastructure across Europe, especially in countries with aggressive green energy policies, this vulnerability poses a risk to operational continuity and data confidentiality. Additionally, compromised chargers could be used as entry points for attacks on smart grid components or energy management systems, which are critical for national energy security and compliance with EU regulations on energy infrastructure protection.

Mitigation Recommendations

Restrict access to the Autel Technician API with network segmentation and access controls so that only trusted maintenance hosts and authenticated personnel can reach it; a dedicated maintenance VLAN or VPN with an allowlist of source addresses is the practical form of this. Enforce multi-factor authentication for every account that can reach the charging station management interfaces, since the precondition for this flaw is a valid authenticated session. Log and monitor API access, and alert on calls from unexpected source networks, on methods outside the normal diagnostic set, and on a single account enumerating many methods in a short window. Because no patch is linked in this record at the time of writing, isolate affected devices from corporate and operational networks and reduce remote access to the minimum required until vendor firmware is available; then apply firmware updates promptly. Because the impact is credential disclosure, rotate any credentials stored on or reachable from the charger if misuse is suspected. Security assessments and penetration tests focused on EV charging infrastructure can surface similar exposed-method issues proactively, and vendors and integrators should be engaged to prioritize patch development and deployment. Finally, maintain incident response plans that cover EV infrastructure compromise scenarios.
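The monitoring recommendation above, as an added example rather than vendor tooling: a detection pass over constructed technician-API access-log lines that flags calls from outside an allowlisted maintenance network, methods outside the known diagnostic set for the caller's role, and an account enumerating many distinct methods within a short window. The log format, network range, method names and thresholds are assumptions.

```python
"""Detection pass over technician-API access logs.

Added example, not vendor tooling: the log format, maintenance network,
method names and thresholds are constructed. Three signals are raised:
  offnet_source  - a call from outside the allowlisted maintenance network
  unknown_method - a method not in the known diagnostic set for the role
  method_burst   - one account calling many distinct methods in a short
                   window, which is what probing an API surface looks like
Each distinct finding is reported once.
"""
import ipaddress
from collections import defaultdict
from datetime import datetime

MAINTENANCE_NETS = [ipaddress.ip_network("10.50.0.0/24")]      # hypothetical
KNOWN_METHODS = {"technician": {"get_serial", "get_status", "run_selftest"}}
BURST_THRESHOLD = 4      # distinct methods per user within BURST_WINDOW_S
BURST_WINDOW_S = 60

# Constructed log lines: ts user role src_ip method http_status
SAMPLE_LOG = """\
2025-06-25T10:00:01Z tech01 technician 10.50.0.12 get_status 200
2025-06-25T10:00:05Z tech01 technician 10.50.0.12 get_serial 200
2025-06-25T10:02:10Z tech02 technician 203.0.113.9 get_serial 200
2025-06-25T10:02:11Z tech02 technician 203.0.113.9 dump_config 200
2025-06-25T10:02:12Z tech02 technician 203.0.113.9 list_users 404
2025-06-25T10:02:13Z tech02 technician 203.0.113.9 get_status 200
2025-06-25T10:02:14Z tech02 technician 203.0.113.9 run_selftest 200
"""


def parse(line):
    """Split one constructed log line into typed fields."""
    ts, user, role, src, method, status = line.split()
    return {
        "ts": datetime.fromisoformat(ts.replace("Z", "+00:00")),
        "user": user,
        "role": role,
        "src": ipaddress.ip_address(src),
        "method": method,
        "status": int(status),
    }


def detect(log_text):
    """Return a list of alert dicts for the given log text."""
    alerts, flagged = [], set()
    history = defaultdict(list)          # user -> [(ts, method)]

    def alert(kind, e, detail):
        key = (kind, e["user"], detail)
        if key not in flagged:           # one alert per distinct finding
            flagged.add(key)
            alerts.append({"kind": kind, "user": e["user"],
                           "src": str(e["src"]), "detail": detail})

    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        e = parse(raw)
        if not any(e["src"] in net for net in MAINTENANCE_NETS):
            alert("offnet_source", e, str(e["src"]))
        if e["method"] not in KNOWN_METHODS.get(e["role"], set()):
            alert("unknown_method", e, e["method"])
        history[e["user"]].append((e["ts"], e["method"]))
        recent = {m for t, m in history[e["user"]]
                  if (e["ts"] - t).total_seconds() <= BURST_WINDOW_S}
        if len(recent) >= BURST_THRESHOLD:
            alert("method_burst", e, "burst")
    return alerts


def summarize(alerts):
    """Count alerts by kind."""
    counts = defaultdict(int)
    for a in alerts:
        counts[a["kind"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG):
        print(a)
```

On the constructed sample, tech01 works from the maintenance network with known methods and produces nothing, while tech02 calls from a public address, hits two methods outside the diagnostic set (one of them answered with 200, which is the case worth investigating first) and trips the burst rule. The unknown-method rule is the one that matters for an exposed-method class of bug: it needs an inventory of the methods technicians legitimately use, which is also the inventory the vendor's export allowlist should contain.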


Technical Details

Data Version: 5.1
Assigner Short Name: zdi
Date Reserved: 2025-06-06T19:16:38.423Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 685c3f5ae230f5b234855975

Added to database: 6/25/2025, 6:26:34 PM

Last enriched: 6/25/2025, 6:43:57 PM

Last updated: 8/8/2025, 7:18:04 AM
