The Autel MaxiCharger, a sophisticated EV charger with extensive hardware features, was found to be vulnerable to remote code execution via Bluetooth.  Researchers discovered three vulnerabilities (CVE-2024-23958, CVE-2024-23959, and CVE-2024-23967) that allowed attackers to execute arbitrary code on the device without requiring any additional prerequisites.  The vulnerabilities were exploited during the Pwn2Own Automotive 2024 competition … Continue reading EV charger Vulnerability Let Attackers Triggered an RCE via Bluetooth