Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations

beyondmachines1@infosec.exchange

Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations

Mobility46's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27028), that allow attackers to impersonate charging stations and seize administrative control. The vendor has not responded with a patch.

**If you operate Mobility46 charging stations, make sure that the systems are isolated from the internet and accessible only from trusted networks or VPN.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-and-session-flaws-discovered-in-mobility46-ev-charging-stations-h-c-g-0-l/gD2P6Ple2L