CVE-2025-5749 in Level 2 EV Charger
Summary
by MITRE • 06/06/2025
WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of cryptographic keys used in vendor-specific encrypted communications. The issue results from the lack of proper initialization of a variable prior to accessing it. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26295.
Analysis
by VulDB Data Team • 08/14/2025
CVE-2025-5749 is a critical authentication bypass in WOLFBOX Level 2 EV Charger devices that operates at the Bluetooth Low Energy (BLE) protocol layer. The flaw stems from improper initialization of the cryptographic key variables used by the device's vendor-specific encrypted communication, which lets an attacker gain access without presenting any credentials. Because the variable that should hold the encryption keys is never initialized, the device cannot reliably establish a secure channel, and the resulting predictable state can be manipulated to bypass the intended authentication checks.
The root cause maps to CWE-457: Use of Uninitialized Variable, in which a variable is read before it has been assigned. Here the uninitialized encryption key variable leaves the device in a predictable state that an attacker can use to forge what appears to be a legitimate session. The defect sits in the BLE encryption implementation: cryptographic material is not initialized before the device attempts to authenticate or encrypt communications, so the cryptographic handshake can be manipulated to skip the authentication layer that should guard the charging station's control interfaces and operational functions.
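A constructed C model of the flaw class described above, added here as an illustration and not code from WOLFBOX or from this advisory: the key store, session layout, tag function and "device key" are toy stand-ins. The vulnerable check ignores whether the key was ever loaded; the hardened check tracks key state explicitly and fails closed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define KEY_LEN 16
#define TAG_LEN 16
/* Constructed stand-in for the device's provisioned key (not a real key). */
static const uint8_t DEVICE_KEY[KEY_LEN] = {
    0x10,0x32,0x54,0x76,0x98,0xba,0xdc,0xfe,0xef,0xcd,0xab,0x89,0x67,0x45,0x23,0x01};
struct ble_session { uint8_t key[KEY_LEN]; bool key_ready; };
/* Toy key store: returns 0 with key[] filled if provisioned, else -1 with key[] untouched. */
static int load_session_key(uint8_t key[KEY_LEN], bool provisioned) {
    if (!provisioned) return -1;
    memcpy(key, DEVICE_KEY, KEY_LEN);
    return 0;
}
/* Toy keyed tag (not a MAC): gives both checks something deterministic to compare. */
static void toy_tag(const uint8_t key[KEY_LEN], const uint8_t *msg, size_t len,
                    uint8_t tag[TAG_LEN]) {
    memcpy(tag, key, TAG_LEN);
    for (size_t i = 0; i < len; i++) tag[i % TAG_LEN] ^= (uint8_t)(msg[i] + i);
}
/* CWE-457 shape: the load result is ignored, so on failure the peer's tag is
 * checked against whatever key[] already held. */
static bool auth_vulnerable(struct ble_session *s, bool provisioned,
                            const uint8_t *msg, size_t len, const uint8_t tag[TAG_LEN]) {
    uint8_t expect[TAG_LEN];
    load_session_key(s->key, provisioned);         /* return value dropped */
    toy_tag(s->key, msg, len, expect);
    return memcmp(expect, tag, TAG_LEN) == 0;
}
/* Hardened: key state is tracked explicitly; no loaded key means fail closed. */
static bool auth_hardened(struct ble_session *s, bool provisioned,
                          const uint8_t *msg, size_t len, const uint8_t tag[TAG_LEN]) {
    uint8_t expect[TAG_LEN];
    if (!s->key_ready && load_session_key(s->key, provisioned) != 0) return false;
    s->key_ready = true;
    toy_tag(s->key, msg, len, expect);
    return memcmp(expect, tag, TAG_LEN) == 0;      /* use a constant-time compare in firmware */
}
/* Runs one scenario; returns 1 if the chosen check accepted the peer. The session is
 * zeroed to model predictable leftover buffer contents, not any vendor behaviour. */
int run_scenario(bool hardened, bool provisioned, bool tag_from_device_key) {
    struct ble_session s; memset(&s, 0, sizeof s);
    const uint8_t zero_key[KEY_LEN] = {0};
    const uint8_t msg[] = {0x01, 0x02, 0x03, 0x04};  /* constructed BLE payload */
    uint8_t tag[TAG_LEN];
    toy_tag(tag_from_device_key ? DEVICE_KEY : zero_key, msg, sizeof msg, tag);
    return (hardened ? auth_hardened : auth_vulnerable)(&s, provisioned, msg, sizeof msg, tag);
}
```

With no key provisioned, the vulnerable check accepts a tag computed over the leftover (here zeroed) buffer, while the hardened check rejects every peer until a key has actually been loaded.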
Operationally, the vulnerability is a significant risk to electric vehicle charging infrastructure because a network-adjacent attacker can gain unauthorized access to a charging station without legitimate credentials. The attack vector targets devices within Bluetooth range, which makes it particularly dangerous in public charging environments, where an attacker can approach a station without needing physical access to it. Successful exploitation could allow control over charging operations, modification of charging parameters, or access to sensitive operational data, and since no authentication is required, any nearby Bluetooth-capable device could attempt it. This exposes both individual users and fleet operators who depend on these charging stations for their electric vehicle operations.
The security implications go beyond unauthorized access to potential operational disruption and safety concerns for charging infrastructure. An attacker could manipulate charging sessions, potentially causing overcharging or preventing legitimate charging. Because the flaw is a BLE encryption bypass, it also raises concerns about the charging station's wider cryptographic implementation, since weaknesses there could undermine other security mechanisms. Organizations should consider this vulnerability in the context of the MITRE ATT&CK framework, particularly the credential access and defense evasion categories, where the uninitialized variable represents a technique for bypassing authentication controls. Mitigation should include firmware updates from the vendor, network segmentation to limit Bluetooth access, and monitoring for unauthorized access attempts against charging infrastructure. Organizations should also adopt robust key management practices and consider replacing affected devices until a proper security patch is available, since uninitialized variables in cryptographic code typically require a firmware update or a complete system reset to address properly.