In this talk we present a collection of attacks against the most widely used EV charging protocol, by exploiting flaws in the underlying power-line communication technologies affecting almost all EVs and chargers. Specifically, we target the QCA 7000 Homeplug modem series, used by the two most popular EV charging systems, CCS and NACS. We demonstrate multiple new vulnerabilities in the modems, enabling persistent denial of service. To better understand the scope of these issues, we conduct a study of EV chargers and vehicles, and show widespread insecurities in existing deployments. We show a variety of practical real-world scenarios where the HomePlug link can be used to hijack EV charging communications, even at a distance. Finally, we present results from reverse engineering the firmware and how we can gain code execution.

DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
5.4K views

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
11.1K views

DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
8.5K views

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
3.6K views

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
5.4K views

DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
6.4K views