ePower epower.ie Vulnerabilities Allow Critical Access and Disruption

The ePower epower.ie vulnerabilities, with a CVSS score of 9.4, represent a critical risk to the operation of electric vehicle charging stations. The missing authentication for critical functions and improper restriction of excessive authentication attempts allow attackers to potentially take full control of affected devices or cause service disruptions through denial-of-service attacks. This is particularly concerning given the increasing reliance on EV infrastructure as part of global efforts to transition to cleaner energy sources.

The fact that all versions of ePower's epower.ie are affected underscores the need for immediate action by operators and users of these systems. Attackers could exploit these flaws to compromise sensitive data, alter charging station behavior, or disrupt services at scale. Given the critical nature of these vulnerabilities, organizations should prioritize patching and updating their systems as soon as possible.

The broader implications of this vulnerability extend beyond individual charging stations. If exploited on a large scale, it could impact the reliability of EV infrastructure, potentially affecting both consumers and businesses that depend on these services. This incident also highlights the importance of securing industrial control systems (ICS) and IoT devices, which are increasingly becoming targets for cyberattacks due to their critical role in modern infrastructure.