Primary

Context

Bender Charge Controller Credential Disclosure Vulnerability

Vulnerability

Patched

A vulnerability exists in Bender Charge Controller models CC612, CC613, ICC13xx, and ICC16xx, all running versions 5.30.2 prior to 5.33.3. This vulnerability allows an authenticated, low-privileged attacker to access stored credentials on the charge controller, including the manufacturer password.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive credentials, including the manufacturer password, stored on the charge controller.

Remediation

Users are advised to upgrade to version 5.33.3 or later to address this vulnerability.

Added: Sep 8, 2025, 7:17 AM

Updated: Sep 8, 2025, 7:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Bender Charge Controller Credential Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Bender CC612

Bender CC613

Bender ICC16xx

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating