EXECUTIVE SUMMARY
- GUI wide open.
- Default password on WiFi and management interface
- Attacker can cause financial damage to consumer
- Attacker can dump entire PW Load into the grid at once
- Attacker can oscilate between CHARGING and DUMPING (microseconds, the poor sub-station!)
- Attacker can change grid codes.
More here. At least somebody looked into the security and attack potential of these things.