Blueprint: Open Worldwide Application Security Project Top 10 Common Weakness Enumerations for Electric Vehicle Supply Equipment

Myungsoo Jun; Jordan Smart; Katherine Amoresano; Erich Feth; Ryan Cryar; Paul Snyder

doi:10.2172/3018253

Blueprint: Open Worldwide Application Security Project Top 10 Common Weakness Enumerations for Electric Vehicle Supply Equipment

Cybersecurity Research

National Laboratory of the Rockies

Research output: NLR › Technical Report

Abstract

This report categorizes the top 10 security weaknesses in electric vehicle supply equipment (EVSE) using a similar approach by the Open Worldwide Application Security Project (OWASP) Top 10, and it describes example exploitations, methods for prevention, and related common weakness enumerations (CWEs) for each category. The weaknesses listed in this report could lead to security issues or vulnerabilities in EVSE if they are exploited by an attacker to compromise the confidentiality, integrity, or availability of a system. This report also recommends EVSE industry best practices and remediations for the identified weaknesses to use as guidelines for their secure products and systems.

Original language	American English
Number of pages	39
DOIs	https://doi.org/10.2172/3018253
State	Published - 2026

NLR Publication Number

NLR/TP-5T00-96284

Keywords

cybersecurity
EVSE
mitigation
weakness

Access to Document

10.2172/3018253

https://www.nlr.gov/docs/fy26osti/96284.pdf

Cite this

@misc{7cb4b5be8049430fb92c40afecb7cbf8,

title = "Blueprint: Open Worldwide Application Security Project Top 10 Common Weakness Enumerations for Electric Vehicle Supply Equipment",

abstract = "This report categorizes the top 10 security weaknesses in electric vehicle supply equipment (EVSE) using a similar approach by the Open Worldwide Application Security Project (OWASP) Top 10, and it describes example exploitations, methods for prevention, and related common weakness enumerations (CWEs) for each category. The weaknesses listed in this report could lead to security issues or vulnerabilities in EVSE if they are exploited by an attacker to compromise the confidentiality, integrity, or availability of a system. This report also recommends EVSE industry best practices and remediations for the identified weaknesses to use as guidelines for their secure products and systems.",

keywords = "cybersecurity, EVSE, mitigation, weakness",

author = "Myungsoo Jun and Jordan Smart and Katherine Amoresano and Erich Feth and Ryan Cryar and Paul Snyder",

year = "2026",

doi = "10.2172/3018253",

language = "American English",

type = "Other",

}

TY - GEN

T1 - Blueprint: Open Worldwide Application Security Project Top 10 Common Weakness Enumerations for Electric Vehicle Supply Equipment

AU - Jun, Myungsoo

AU - Smart, Jordan

AU - Amoresano, Katherine

AU - Feth, Erich

AU - Cryar, Ryan

AU - Snyder, Paul

PY - 2026

Y1 - 2026

N2 - This report categorizes the top 10 security weaknesses in electric vehicle supply equipment (EVSE) using a similar approach by the Open Worldwide Application Security Project (OWASP) Top 10, and it describes example exploitations, methods for prevention, and related common weakness enumerations (CWEs) for each category. The weaknesses listed in this report could lead to security issues or vulnerabilities in EVSE if they are exploited by an attacker to compromise the confidentiality, integrity, or availability of a system. This report also recommends EVSE industry best practices and remediations for the identified weaknesses to use as guidelines for their secure products and systems.

AB - This report categorizes the top 10 security weaknesses in electric vehicle supply equipment (EVSE) using a similar approach by the Open Worldwide Application Security Project (OWASP) Top 10, and it describes example exploitations, methods for prevention, and related common weakness enumerations (CWEs) for each category. The weaknesses listed in this report could lead to security issues or vulnerabilities in EVSE if they are exploited by an attacker to compromise the confidentiality, integrity, or availability of a system. This report also recommends EVSE industry best practices and remediations for the identified weaknesses to use as guidelines for their secure products and systems.

KW - cybersecurity

KW - EVSE

KW - mitigation

KW - weakness

U2 - 10.2172/3018253

DO - 10.2172/3018253

M3 - Technical Report

ER -

Blueprint: Open Worldwide Application Security Project Top 10 Common Weakness Enumerations for Electric Vehicle Supply Equipment

Abstract

NLR Publication Number

Keywords

Access to Document

Fingerprint

Cite this