Sternum Collaborates with ChargePoint to Enhance ChargePoint Home Flex Security
Tel Aviv, Israel – Jan. 23, 2024 — Sternum, the pioneer in embedded IoT security and observability, has announced enhanced security measures for the ChargePoint Home Flex.
In a recent research project, Sternum identified a potential vulnerability involving the reverse SSH tunnel and deprecated NTP client and HTTP servers. ChargePoint has taken action by disabling the HTTP server and updating the NTP client in their latest firmware update to address these issues.
Thanks to the analysis and assistance of Sternum IoT, ChargePoint has been able to strengthen the security of the CPH50, reducing the attack surface and ensuring a safer product.
“ChargePoint is committed to the security of all customer data, and through this collaboration, we’ve implemented critical enhancements to Home Flex,” said Teza Mukkavilli, Chief Information Security Officer of ChargePoint. “Our focus remains on delivering a convenient, dependable, and safe EV charging experience for all drivers.”
As part of their commitment to customer security, ChargePoint encourages researchers to collaborate with their InfoSec team to identify potential vulnerabilities in their products or environment. For more information, please email the InfoSec team at: [email protected].
Attack methodology:
Sternum’s experts obtained three different iterations of the ChargePoint Home Flex device. Through meticulous hardware and software security research, they gained access to the device’s firmware and secured a root shell using the JTAG headers on the device.
Findings:
The vulnerability discovered in the ChargePoint devices revolves around a flaw in the reverse SSH (rSSH) tunnel established by each unit upon booting. This tunnel, intended for telemetry and diagnostics purposes, presents a potential security risk.
The vulnerability arises from the way these devices handle their SSH connections. While newer devices use a more secure on-demand approach, they can still be exploited if an attacker waits for an on-demand connection from the server to the device. Older versions of the software use an ‘always-connect’ default setting, which could allow unauthorized access or manipulation.
During the firmware analysis, Sternum also identified an outdated HTTP server, a deprecated NTP client with known vulnerabilities, a deprecated kernel, and device certificates with unlimited expiration time.
Implications of the Vulnerability:
Dumping the key pairs from the device implies that an attacker, upon authenticating to ChargePoint’s central server, could potentially create their own tunnel. This unauthorized access could extend to each connected charger. Sternum replicated the client-server setup in its testing facility to validate these findings.
Remediations:
Following the discovery, the company actively collaborated with ChargePoint to address the vulnerability, which has been remediated in the latest software release. The update includes patching the NTP client, disabling the HTTP server, and changing the SSH connection default to ‘on-demand’ to mitigate the vulnerability.
Conclusion:
This vulnerability highlights the challenges in securing IoT devices, especially those linked to critical infrastructure like electric vehicle charging stations. It emphasizes the need for continual vigilance and regular updates in the IoT landscape to protect against evolving cybersecurity threats. Sternum remains dedicated to collaborating with ChargePoint and other IoT device manufacturers to safeguard against vulnerabilities in the future.
Resources:
– Visit http://www.sternumiot.com to learn more.
– Book a live demonstration of the Sternum platform at https://sternumiot.com/request-demo/
About Sternum:
Founded by ex-8200 (Israel’s elite intelligence unit) and Forbes 30UNDER30 Alumni, Sternum offers an embedded platform built for connected devices. By providing runtime security and observability, Sternum ensures continuous monitoring, built-in security, and valuable business insights. Deployed on millions of devices, Sternum enables organizations to improve operational efficiency and achieve business excellence.
January 23rd, 2024 | Uncategorized
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/news-alert-sternum-and-chargepoint-collaborate-to-enhance-chargepoint-home-flex-security/