From the screenshot of the webpage, the following key information about the vulnerability can be extracted: Vulnerability Identifier: CSAF_ID: 057-04 Disclosure Date: February 26, 2023 CVSS Score: - Base Score: 6.5 - Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Severity: Medium Acknowledgments: - Khaled Sarieddine - Mohammad Ali Sayed Vulnerability Summary: Charging authentication identifiers are publicly accessible via web-based mapping platforms. Risk Evaluation: Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack active charging sessions, and potentially gain access to valuable information or systems within the network. Vulnerability Type: Insufficiently Protected Credentials Affected Product: Product ID: CSAPID-0001 Recommendations: - Organizations should ensure that charging station authentication credentials are properly secured and not exposed via web-based platforms. - Implement network segmentation and access controls. - Conduct regular security assessments and vulnerability scans. - Follow secure coding practices. Published by: CISA (Cybersecurity and Infrastructure Security Agency) References: - CWE (Common Weakness Enumeration) reference for Insufficiently Protected Credentials. - MITRE CVSS calculator for v3.1 and v4.0 to assess the vulnerability score. - First.org CVSS calculator for additional score assessment. - Additional recommended practices and cybersecurity best practices for industrial control systems. - Targeted cyber intrusion detection and mitigation strategies. This vulnerability is part of the Energy and Transportation Systems critical infrastructure sectors, impacting the United Kingdom region, with recommendations for organizational preparedness, response, and recovery measures.