Adversaries may exploit vulnerabilities associated with charging stations to gain unauthorized access to vehicles and potentially compromise their systems. While charging stations offer the convenience of "plug and charge" for electric vehicles, the underlying protocols and communication channels between the station and the vehicle can often be insecure. In this context, attackers can employ various tactics, including Man-in-the-Middle (MITM) attacks, to intercept and manipulate the data exchanged during the charging process.These vulnerabilities open doors for adversaries to intercept sensitive vehicle data, inject malicious code or commands into the communication between the charging station and the vehicle's Controller Area Network (CAN) bus, and potentially compromise the vehicle's systems. By exploiting weaknesses in the charging station's security mechanisms, adversaries can disrupt the charging process, manipulate the vehicle's behavior, or even gain unauthorized control over critical vehicle functions.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.