{"vulnerability": "CVE-2024-43655", "sightings": [{"uuid": "73bbc58c-aaf7-4902-8a91-6e7f7f48e47e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797409910755927", "content": "", "creation_timestamp": "2025-01-09T08:17:54.328502Z"}, {"uuid": "91ebb0c8-76cd-491f-bb28-507662ae8a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:08.921777Z"}, {"uuid": "5a0798c9-acd9-4c2e-b371-5477d5a67aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcaggilxz2x", "content": "", "creation_timestamp": "2025-01-09T08:16:37.067924Z"}, {"uuid": "7717beab-9866-4bcb-99b0-1959e9a4bd60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7141", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43655\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/S:P/AU:Y)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root\n\nThis issue affects Iocharger firmware for AC model chargers before version 24120701.\n\nLikelihood: Moderate \u2013 The attacker will first need to find the name of the script, and needs a (low privilege) account to gain access to the script, or convince a user with such access to execute a request to it.\n\nImpact: Critical \u2013 The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and deletefiles and services.\n\nCVSS clarification: Any network interface serving the web ui is vulnerable (AV:N) and there are not additional security measures to circumvent (AC:L), nor does the attack require and existing preconditions (AT:N). The attack is authenticated, but the level of authentication does not matter (PR:L), nor is any user interaction required (UI:N). The attack leads to a full compromised (VC:H/VI:H/VA:H), and compromised devices can be used to pivot into networks that should potentially not be accessible (SC:L/SI:L/SA:H). Becuase this is an EV charger handing significant power, there is a potential safety impact (S:P). This attack can be automated (AU:Y).\n\ud83d\udccf Published: 2025-01-09T07:56:45.279Z\n\ud83d\udccf Modified: 2025-03-11T13:07:19.985Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/DIVD-2024-00035/\n2. https://csirt.divd.nl/CVE-2024-43655/\n3. https://iocharger.com", "creation_timestamp": "2025-03-11T13:40:02.000000Z"}, {"uuid": "069fef21-7a3c-4d41-84bc-726ba4a3af30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/914", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43655\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root\n\nThis issue affects Iocharger firmware for AC model chargers before version 24120701.\n\nLikelihood: Moderate \u2013 The attacker will first need to find the name of the script, and needs a (low privilege) account to gain access to the script, or convince a user with such access to execute a request to it.\n\nImpact: Critical \u2013 The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and deletefiles and services.\n\nCVSS clarification: Any network interface serving the web ui is vulnerable (AV:N) and there are not additional security measures to circumvent (AC:L), nor does the attack require and existing preconditions (AT:N). The attack is authenticated, but the level of authentication does not matter (PR:L), nor is any user interaction required (UI:N). The attack leads to a full compromised (VC:H/VI:H/VA:H), and compromised devices can be used to pivot into networks that should potentially not be accessible (SC:L/SI:L/SA:H). Becuase this is an EV charger handing significant power, there is a potential safety impact (S:P). This attack can be automated (AU:Y).\n\ud83d\udccf Published: 2025-01-09T07:56:45.279Z\n\ud83d\udccf Modified: 2025-01-09T07:56:45.279Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/DIVD-2024-00035/\n2. https://csirt.divd.nl/CVE-2024-43655/\n3. https://iocharger.com", "creation_timestamp": "2025-01-09T08:17:12.000000Z"}, {"uuid": "8594bc6e-a5f8-4c38-a5cf-0f8ce483bf9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43655", "type": "seen", "source": "https://t.me/cvedetector/14809", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43655 - Iocharger AC Charger Root Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43655 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root  \n  \nThis issue affects Iocharger firmware for AC model chargers before version 24120701.  \n  \nLikelihood: Moderate \u2013 The attacker will first need to find the name of the script, and needs a (low privilege) account to gain access to the script, or convince a user with such access to execute a request to it.  \n  \nImpact: Critical \u2013 The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and deletefiles and services.  \n  \nCVSS clarification: Any network interface serving the web ui is vulnerable (AV:N) and there are not additional security measures to circumvent (AC:L), nor does the attack require and existing preconditions (AT:N). The attack is authenticated, but the level of authentication does not matter (PR:L), nor is any user interaction required (UI:N). The attack leads to a full compromised (VC:H/VI:H/VA:H), and compromised devices can be used to pivot into networks that should potentially not be accessible (SC:L/SI:L/SA:H). Becuase this is an EV charger handing significant power, there is a potential safety impact (S:P). This attack can be automated (AU:Y). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:13:53.000000Z"}]}