Besen BS20 EV Charging Station Improper Authorization Vulnerability in OTA Update Installation Handler

Vulnerability

A vulnerability has been identified in the Besen BS20 EV Charging Station, affecting versions prior to 20260426. The issue lies in the OTA Update Installation Handler, where improper authorization allows unauthorized manipulation of firmware updates. The vulnerability can be exploited remotely, although the attack complexity is high and exploitation is known to be difficult.

Impact

Exploitation of this vulnerability could lead to unauthorized installation of firmware, potentially allowing for full control over the charging station and manipulation of its charging functions.

Added: May 26, 2026, 8:29 PM
Updated: May 26, 2026, 8:29 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 9.3
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.