Reviewing the Attack Surface of the Autel MaxiCharger: Part Two

This post outlines the attack surface of the Autel MaxiCharger EV charger based on reverse engineering and manual review. It lists software versions for charger modules and mobile apps, describes app features (scheduling, load balancing, Wi‑Fi provisioning, forced firmware updates, OCPP server configuration) that could be abused, and notes anti‑reversing behavior observed in the Android app.