PatchSiren

Besen CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW Besen CVE published 2026-05-24

CVE-2026-9398

A low-severity authentication bypass vulnerability affects Besen BS20 EV Charging Station firmware versions up to 20260426. The vulnerability resides in an unspecified component of the BLE/WiFi subsystem and permits authentication bypass via capture-replay attacks. Successful exploitation requires local network access, is highly complex, and is considered difficult. The vulnerability [truncated]

HIGH Besen CVE published 2026-05-24

CVE-2026-9397

A high-severity improper authorization vulnerability affects Besen BS20 EV Charging Station firmware versions up to 20260426. The weakness resides in the OTA Update Installation Handler component, where insufficient authorization checks may allow remote attackers to install unauthorized firmware updates. The attack is highly complex, and exploitation is considered difficult. The vulnerability was disc [truncated]

LOW Besen CVE published 2026-05-24

CVE-2026-9396

A low-severity vulnerability (CVSS 4.0: 2.9) affects Besen BS20 EV Charging Station firmware versions up to 20260426. The flaw resides in the Firmware Version Check component, where improper restriction of rendered UI layers (CWE-1021) can be exploited remotely with high attack complexity. The vulnerability enables UI spoofing through manipulation of firmware version verification mechanisms. The vendor [truncated]

LOW Besen CVE published 2026-05-24

CVE-2026-9395

A vulnerability in Besen BS20 EV Charging Station firmware up to 20260426 exposes insufficiently protected credentials via Bluetooth Low Energy (BLE) and UDP protocols. The issue, classified as CWE-522 (Insufficiently Protected Credentials), allows an attacker on the local network to obtain cleartext credentials. The CVSS 4.0 score of 2.0 (LOW severity) reflects the attack vector requirement of adjacent n [truncated]