Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers
Severity: 9.8 (Act Now) · Advisory ID: VDE-2025-019 · Published: Jul 8, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Multiple vulnerabilities in CHARX SEC-3xxx charging controller firmware allow unauthenticated remote code execution. The underlying weaknesses are missing authentication for critical functions (CWE-306), OS command injection (CWE-78), improper control of dynamically managed code resources (CWE-913), and initialization of a resource with an insecure default (CWE-1188). An attacker with network access can send crafted requests that execute arbitrary commands on the charging controller without valid credentials. Affected models are CHARX SEC-3150, SEC-3050, and SEC-3000 running firmware versions prior to 1.7.3.
What this means
What could happen
An attacker with network access to a CHARX SEC charging controller could execute arbitrary code or commands on the device, allowing them to disable charging functionality, alter charge rates, or manipulate power distribution to connected electric vehicles.
Who's at risk
EV charging infrastructure operators using Phoenix Contact CHARX SEC-3xxx series charging controllers. This affects fleet charging stations, municipal EV charging networks, and commercial charging installations where these controllers manage power distribution to vehicle charging points.
How it could be exploited
An attacker on the network sends a specially crafted request to the charging controller's network interface. The device does not properly validate the request due to missing authentication checks and command injection flaws, allowing the attacker to execute code with the device's privileges.
Prerequisites
- Network access to the charging controller (e.g., from facility network or internet if not firewalled)
- No authentication required
Tags: Remotely exploitable · No authentication required · Low complexity · High CVSS (9.8) · Affects critical infrastructure (charging systems)
Exploitability
Low exploit probability (EPSS 0.6%). EPSS estimates the likelihood of exploitation in the wild over the next 30 days based on observed activity; it does not lower the severity, and it can rise quickly once exploit details circulate. Plan remediation on the 9.8 base score, not on the current EPSS value.
Affected products (3; a fixed firmware is available for all 3)

Product          Affected Versions   Fix Status
CHARX SEC-3150   < FW 1.7.3          FW 1.7.3
CHARX SEC-3050   < FW 1.7.3          FW 1.7.3
CHARX SEC-3000   < FW 1.7.3          FW 1.7.3
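Fleet triage against the table above, as an added example (not code from the advisory or from Phoenix Contact). It parses firmware strings numerically before comparing them with 1.7.3, because a plain string comparison would sort "1.7.10" before "1.7.3" and report a patched controller as still affected. The hostnames, firmware strings and the "OTHER-MODEL" entry in the inventory are constructed sample data; only the three model names and the 1.7.3 threshold come from the advisory.

```python
import re

# Fixed firmware and in-scope models, taken from the advisory's product table.
FIXED_VERSION = (1, 7, 3)
AFFECTED_MODELS = {"CHARX SEC-3150", "CHARX SEC-3050", "CHARX SEC-3000"}


def parse_fw(version: str) -> tuple[int, ...]:
    """Turn a firmware string such as 'FW 1.7.3', 'v1.7.10' or '1.7.3-rc1'
    into a tuple of integers so that comparison is numeric per component.
    A shorter tuple such as (1, 7) compares lower than (1, 7, 3), which is the
    conservative outcome for an under-specified version."""
    match = re.search(r"(\d+(?:\.\d+)+)", version)
    if not match:
        raise ValueError(f"unrecognised firmware string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_affected(model: str, version: str) -> bool:
    """True when the model is one of the three listed and its firmware
    predates 1.7.3. Models outside the advisory are never flagged here."""
    if model.strip() not in AFFECTED_MODELS:
        return False
    return parse_fw(version) < FIXED_VERSION


# Constructed sample inventory (hypothetical hosts and versions, not real devices).
INVENTORY = [
    {"host": "charx-bay-01", "model": "CHARX SEC-3150", "fw": "FW 1.6.2"},
    {"host": "charx-bay-02", "model": "CHARX SEC-3050", "fw": "1.7.3"},
    {"host": "charx-bay-03", "model": "CHARX SEC-3000", "fw": "v1.7.10"},
    {"host": "charx-bay-04", "model": "CHARX SEC-3000", "fw": "1.5.0"},
    {"host": "gateway-07",   "model": "OTHER-MODEL",    "fw": "1.2.0"},
]


def triage(inventory: list[dict]) -> list[str]:
    """Return the hostnames that still need the FW 1.7.3 update, sorted so the
    list can go straight into a maintenance work order."""
    return sorted(
        device["host"]
        for device in inventory
        if is_affected(device["model"], device["fw"])
    )


if __name__ == "__main__":
    for host in triage(INVENTORY):
        print(f"{host}: update to FW 1.7.3 or later; "
              "restrict management access until the window")
```

Run it against an export of the real inventory; the only lines that matter for the work order are the ones for CHARX SEC-3xxx models below 1.7.3, and "charx-bay-03" on 1.7.10 correctly drops out even though its version string sorts low lexically.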
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the charging controller management interfaces with firewall rules; allow only authorized management workstations or networks.
Schedule — requires maintenance window
Patching may require a device reboot; plan for an interruption of charging during the window.
HOTFIX: Update CHARX SEC-3150, SEC-3050, and SEC-3000 controllers to firmware version 1.7.3 or later.
Long-term hardening
HARDENING: Segment charging infrastructure onto a separate network with limited access from general facility networks.
API:
/api/v1/advisories/6543eaf6-a9c4-48e1-b91c-5bf978279087