CVE-2025-8348 is a vulnerability identified in version 1.0 of the Kehua Charging Pile Cloud Platform, a system likely used to manage and monitor electric vehicle (EV) charging stations. The vulnerability is classified as improper authentication, meaning that the platform does not adequately verify the identity or permissions of users attempting to access certain resources or functionalities. The flaw resides in an unspecified portion of the code related to the /home endpoint or directory, which suggests that attackers may bypass authentication controls to gain unauthorized access remotely. The vulnerability can be exploited without any authentication, user interaction, or privileges, making it accessible to remote attackers over the network. The CVSS 4.0 base score is 6.9, indicating a medium severity level. The vector details (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P) show that the attack requires no privileges or user interaction, has low attack complexity, and impacts confidentiality, integrity, and availability to a limited extent. The vendor has not responded to the disclosure, and no patches or mitigations have been published yet. Although no known exploits are currently reported in the wild, the public disclosure of the exploit code increases the risk of exploitation. Given the critical role of charging pile cloud platforms in managing EV infrastructure, unauthorized access could allow attackers to manipulate charging operations, disrupt services, or extract sensitive operational data.

For European organizations, this vulnerability poses significant risks, especially for entities involved in electric vehicle infrastructure, such as utility companies, charging network operators, and smart city initiatives. Unauthorized access could lead to disruption of charging services, causing inconvenience to EV users and potential financial losses. Attackers might manipulate charging sessions, causing overcharging, denial of service, or even damaging hardware if safety controls are bypassed. Confidentiality breaches could expose user data or operational metrics, undermining trust and regulatory compliance, particularly under GDPR. Integrity violations could allow attackers to alter billing or usage data, leading to revenue loss or fraud. Availability impacts could disrupt critical EV infrastructure, which is increasingly vital for European green energy and transportation policies. The lack of vendor response and absence of patches heighten the urgency for organizations to proactively address this threat. Additionally, the medium severity rating suggests that while the vulnerability is serious, exploitation may have some limitations or mitigations in place, but the remote, unauthenticated nature of the flaw still makes it a notable risk.

Given the absence of official patches or vendor guidance, European organizations should implement compensating controls immediately. Network segmentation should isolate the Charging Pile Cloud Platform from public internet access, restricting access to trusted internal networks or VPNs. Deploying Web Application Firewalls (WAFs) with custom rules to detect and block anomalous requests targeting the /home endpoint or suspicious authentication bypass attempts can reduce exposure. Continuous monitoring and logging of access attempts to the platform should be enhanced to detect early signs of exploitation. Organizations should conduct internal penetration testing and vulnerability assessments focusing on authentication mechanisms of the platform. Where possible, multi-factor authentication (MFA) should be enforced on all administrative or user access points, even if the platform itself lacks native support. Incident response plans should be updated to include scenarios involving unauthorized access to EV charging infrastructure. Finally, organizations should engage with Kehua or relevant vendors to demand timely patches and share threat intelligence with industry peers and CERTs to coordinate defense efforts.