CVE-2025-8347 is a SQL Injection vulnerability identified in version 1.0 of the Kehua Charging Pile Cloud Platform, specifically affecting an unspecified component within the /sys/task/findAllTask endpoint. This vulnerability allows an unauthenticated remote attacker with low privileges to manipulate SQL queries by injecting malicious input, potentially leading to unauthorized access or modification of the backend database. The vulnerability is classified with a CVSS 4.0 base score of 5.3, indicating medium severity. The attack vector is network-based (AV:N), requires low attack complexity (AC:L), no privileges (PR:L) but with low privileges, and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is low to limited (VC:L, VI:L, VA:L), suggesting that while exploitation is possible remotely, the extent of damage or data exposure may be constrained by the platform's design or existing access controls. The vendor has been notified but has not responded or released a patch, and public exploit details have been disclosed, increasing the risk of exploitation. The lack of patch availability and vendor response heightens the urgency for affected organizations to implement compensating controls. The vulnerability's presence in a cloud platform managing charging piles (electric vehicle charging infrastructure) raises concerns about potential disruption or data compromise in critical energy infrastructure management systems.

For European organizations, particularly those involved in electric vehicle infrastructure management, energy utilities, or smart city deployments, this vulnerability poses a tangible risk. Exploitation could lead to unauthorized database access, potentially exposing sensitive operational data, user information, or configuration details. Although the CVSS indicates limited impact, the critical nature of charging infrastructure in supporting the transition to electric mobility means any disruption or data breach could have cascading effects on service availability and user trust. Attackers might leverage this vulnerability to manipulate task scheduling or operational parameters within the platform, potentially causing service interruptions or inaccurate billing. Given the increasing adoption of EV infrastructure across Europe, a successful attack could affect multiple stakeholders, including service providers, municipalities, and end-users. The absence of vendor remediation increases the risk window, making proactive defense essential.

Since no official patch is available, European organizations should implement the following specific mitigations: 1) Conduct immediate code and query parameter validation audits on the /sys/task/findAllTask endpoint to identify and block injection attempts using web application firewalls (WAF) with tailored SQL injection detection rules. 2) Restrict network access to the Charging Pile Cloud Platform management interfaces to trusted IP ranges and enforce strict authentication and authorization controls to limit exposure. 3) Employ database activity monitoring to detect anomalous queries indicative of injection attempts. 4) Implement input sanitization and parameterized queries in any custom integrations or scripts interacting with the platform. 5) Monitor public threat intelligence feeds for emerging exploit tools targeting this CVE and prepare incident response plans accordingly. 6) Engage with Kehua or third-party security vendors for potential unofficial patches or workarounds. 7) Isolate the platform within segmented network zones to minimize lateral movement in case of compromise.