Skip to main content

Bs20 Ev Charging Station

5 CVEs product

Monthly

CVE-2026-9398 LOW Monitor

Unauthenticated capture-replay authentication bypass in the Besen BS20 EV Charging Station (firmware up to 20260426) exposes the device's BLE/WiFi interface to unauthorized command injection. An attacker physically adjacent to the charger can intercept and replay wireless authentication tokens to issue tampered charging commands without valid credentials. No patch has been released as of the analysis date; the vendor acknowledged the report in April 2026 and confirmed they are reviewing it. Publicly available proof-of-concept code exists (CVSS E:P), though exploitation probability remains very low (EPSS 0.03%, 11th percentile), consistent with the high attack complexity and adjacent-only access requirement.

Authentication Bypass Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.0%
CVE-2026-9397 HIGH PATCH This Week

Improper authorization in the OTA Update Installation Handler of Besen BS20 EV Charging Station versions up to 20260426 allows remote attackers to install spoofed firmware updates on affected charging stations. The flaw is network-reachable with no authentication required, but exploitation carries high attack complexity (CVSS 4.0 8.2), and publicly available exploit code exists via the original researcher disclosure on GitHub. EPSS rates exploitation probability at only 0.04% (12th percentile), and CISA SSVC flags exploitation status as 'none' despite the public proof-of-concept.

Authentication Bypass Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-9396 LOW Monitor

UI layer spoofing in the Besen BS20 EV Charging Station's Firmware Version Check component allows remote unauthenticated attackers to manipulate rendered UI layers (CWE-1021), producing falsified firmware version displays with a limited integrity impact on the vulnerable system. All firmware builds up to 20260426 are affected per ENISA EUVD-2026-31552, with a publicly documented proof-of-concept available on GitHub. Vendor acknowledgment was received as of April 2026 with no released patch confirmed - attack complexity is rated High and EPSS exploitation probability sits at 0.03% (8th percentile), indicating negligible real-world exploitation likelihood at this time.

XSS Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-9395 LOW Monitor

Cleartext credential exposure in the Besen BS20 EV Charging Station's BLE and UDP interfaces allows an adjacent-network attacker with low privileges to intercept authentication material transmitted without adequate protection. All firmware versions up to 20260426 are affected per EUVD-2026-31547 and NVD CPE data. Publicly available exploit code exists per a researcher's GitHub disclosure; however, no CISA KEV listing and an EPSS of 0.01% (3rd percentile) indicate no confirmed widespread exploitation at time of analysis.

Information Disclosure Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-9394 LOW Monitor

Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.

Information Disclosure Brute Force Bs20 Ev Charging Station
NVD VulDB GitHub
CVSS 4.0
1.3
EPSS
0.0%
EPSS 0% CVSS 1.3
LOW Monitor

Unauthenticated capture-replay authentication bypass in the Besen BS20 EV Charging Station (firmware up to 20260426) exposes the device's BLE/WiFi interface to unauthorized command injection. An attacker physically adjacent to the charger can intercept and replay wireless authentication tokens to issue tampered charging commands without valid credentials. No patch has been released as of the analysis date; the vendor acknowledged the report in April 2026 and confirmed they are reviewing it. Publicly available proof-of-concept code exists (CVSS E:P), though exploitation probability remains very low (EPSS 0.03%, 11th percentile), consistent with the high attack complexity and adjacent-only access requirement.

Authentication Bypass Bs20 Ev Charging Station
NVD VulDB GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Improper authorization in the OTA Update Installation Handler of Besen BS20 EV Charging Station versions up to 20260426 allows remote attackers to install spoofed firmware updates on affected charging stations. The flaw is network-reachable with no authentication required, but exploitation carries high attack complexity (CVSS 4.0 8.2), and publicly available exploit code exists via the original researcher disclosure on GitHub. EPSS rates exploitation probability at only 0.04% (12th percentile), and CISA SSVC flags exploitation status as 'none' despite the public proof-of-concept.

Authentication Bypass Bs20 Ev Charging Station
NVD VulDB GitHub
EPSS 0% CVSS 2.9
LOW Monitor

UI layer spoofing in the Besen BS20 EV Charging Station's Firmware Version Check component allows remote unauthenticated attackers to manipulate rendered UI layers (CWE-1021), producing falsified firmware version displays with a limited integrity impact on the vulnerable system. All firmware builds up to 20260426 are affected per ENISA EUVD-2026-31552, with a publicly documented proof-of-concept available on GitHub. Vendor acknowledgment was received as of April 2026 with no released patch confirmed - attack complexity is rated High and EPSS exploitation probability sits at 0.03% (8th percentile), indicating negligible real-world exploitation likelihood at this time.

XSS Bs20 Ev Charging Station
NVD VulDB GitHub
EPSS 0% CVSS 2.0
LOW Monitor

Cleartext credential exposure in the Besen BS20 EV Charging Station's BLE and UDP interfaces allows an adjacent-network attacker with low privileges to intercept authentication material transmitted without adequate protection. All firmware versions up to 20260426 are affected per EUVD-2026-31547 and NVD CPE data. Publicly available exploit code exists per a researcher's GitHub disclosure; however, no CISA KEV listing and an EPSS of 0.01% (3rd percentile) indicate no confirmed widespread exploitation at time of analysis.

Information Disclosure Bs20 Ev Charging Station
NVD VulDB GitHub
EPSS 0% CVSS 1.3
LOW Monitor

Weak password requirements in the Bluetooth Low Energy (BLE) handler of the Besen BS20 EV Charging Station (firmware up to 20260426) expose the device to credential brute-forcing from adjacent-network attackers within Bluetooth range. The flaw, catalogued under CWE-521, results in limited confidentiality impact (VC:L in CVSS 4.0) with no integrity or availability consequences, yielding an overall CVSS 4.0 score of 1.3. Publicly available exploit code exists (E:P in CVSS vector, GitHub PoC at carfeii/besen), though EPSS sits at 0.01% (2nd percentile), and no active exploitation has been confirmed by CISA KEV. Besen acknowledged the report as of April 2026 but no patched firmware version has been released.

Information Disclosure Brute Force Bs20 Ev Charging Station
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy