Critical Vulnerabilities in EVMAPA Charging Stations Expose EV Infrastructure to Attacks
CISA warns of severe flaws in EVMAPA EV charging stations enabling DoS, remote code execution, and status manipulation. Patch immediately.
CISA Warns of Critical Flaws in EVMAPA EV Charging Stations
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed multiple critical vulnerabilities in EVMAPA electric vehicle (EV) charging stations that could enable denial-of-service (DoS) attacks, remote command execution, and spoofing of charging station statuses. The advisory (ICSA-26-022-08) was published on January 22, 2026, and includes technical details via a CSAF (Common Security Advisory Framework) document.
Technical Details of the Vulnerabilities
While CISA has not yet assigned CVE IDs to these flaws, the advisory highlights the following potential impacts:
- Degraded service or DoS: Attackers could disrupt charging station operations, rendering them inoperable.
- Unauthorized remote command execution: Threat actors may gain control over charging stations, enabling malicious actions such as spoofing status updates or manipulating charging sessions.
- Spoofing and manipulation risks: Compromised stations could falsify operational data, leading to misinformation for operators and users.
The vulnerabilities affect EVMAPA charging infrastructure, though specific versions and affected models have not been disclosed in the initial advisory. Security professionals should monitor the CSAF document for updates, including CVE assignments and mitigation guidance.
Impact Analysis
The exploitation of these vulnerabilities poses significant risks to EV charging networks, which are increasingly critical to national infrastructure. Potential consequences include:
- Operational disruptions: DoS attacks could halt charging services, impacting fleets, public charging stations, and emergency services reliant on EVs.
- Financial and reputational damage: Manipulated charging data could lead to billing disputes, fraud, or loss of trust in EV infrastructure providers.
- Safety risks: Unauthorized command execution could enable attackers to override safety protocols, potentially endangering users or causing physical damage to equipment.
Given the growing adoption of EVs and the expansion of charging networks, these flaws underscore the need for proactive security measures in operational technology (OT) environments.
Recommendations for Security Teams
CISA has not yet released official patches or workarounds, but organizations using EVMAPA charging stations should take the following steps:
- Monitor the CSAF advisory for updates, including CVE assignments and vendor-supplied mitigations.
- Isolate critical charging infrastructure from untrusted networks to reduce exposure to remote attacks.
- Implement network segmentation to limit lateral movement in the event of a breach.
- Deploy intrusion detection/prevention systems (IDS/IPS) to monitor for anomalous activity targeting charging stations.
- Review access controls to ensure only authorized personnel can interact with charging management systems.
- Prepare incident response plans for potential disruptions or compromises.
Security professionals are advised to subscribe to CISA’s ICS advisories for real-time updates on this and other critical infrastructure threats. Additional guidance may be forthcoming as the vendor releases patches or mitigations.
For the full CSAF document, visit CISA’s GitHub repository.