Description
As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.
Published: 2026-01-07
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Assess Impact
AI Analysis

Impact

The vulnerability arises because the OCPP v1.6 service communicates without authentication, which allows an attacker with knowledge of the protocol to obtain information about the charger. The record classifies the weakness as CWE-201 (Insertion of Sensitive Information Into Sent Data): the service returns charger information to an unauthorized party.

Affected Systems

EFACEC’s QC 60, QC 90, and QC 120 charging units are affected. No specific firmware or software version information was supplied, so all currently deployed units that use the unprotected OCPP v1.6 interface may be vulnerable.

Risk and Exploitability

The CVSS score of 5.3 indicates medium severity. The EPSS score is reported as less than 1%, suggesting a low probability of exploitation at the current time. The vulnerability is not listed in the KEV catalog, so no known active exploitation has been reported. The CVSS vector gives the attack vector as adjacent network (AV:A) with no privileges or user interaction required, so an adversary needs only access to the OCPP interface from an adjacent network and some knowledge of the protocol to extract charger information.

Generated by OpenCVE AI on April 18, 2026 at 16:50 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply any vendor or firmware update that secures the OCPP v1.6 service with authentication.
  • Configure network segmentation or firewall rules to restrict access to the OCPP port only to trusted management systems.
  • Enable or implement authentication or token validation on the OCPP interface before permitting client connections.



Advisories

No advisories yet.

History

Fri, 09 Jan 2026 19:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 08 Jan 2026 10:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Efacec; Efacec qc 120; Efacec qc 60; Efacec qc 90
Vendors & Products | | Efacec; Efacec qc 120; Efacec qc 60; Efacec qc 90

Wed, 07 Jan 2026 17:30:00 +0000

Type | Values Removed | Values Added
Description | | As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.
Title | | INFORMATION DISCLOSURE VIA CURL REQUESTS (OCPP)
Weaknesses | | CWE-201
References | |
Metrics | | cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: S21sec

Published:

Updated: 2026-01-09T19:09:20.052Z

Reserved: 2026-01-07T14:01:04.828Z

Link: CVE-2026-22539

Vulnrichment

Updated: 2026-01-09T19:09:16.715Z

NVD

Status: Deferred

Published: 2026-01-07T18:15:55.537

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-22539

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T17:00:05Z

Weaknesses