Bluetooth Low Energy Handler Vulnerability in Besen BS20 EV Charging Station
CVE-2026-9394

2.3LOW

Key Information:

Vendor

Besen

Status
Bs20 Ev Charging Station
Vendor
CVE Published:
24 May 2026

What is CVE-2026-9394?

A vulnerability exists in the Bluetooth Low Energy Handler of the Besen BS20 EV Charging Station, which could lead to the implementation of weak password requirements. This flaw requires an attacker to be within the local network to exploit it, and while the exploitation process is characterized by high complexity, it poses a potential risk if not addressed. Reports have indicated that these vulnerabilities were acknowledged by Besen for review as of April 2026.

Affected Version(s)

BS20 EV Charging Station 20260426

References

https://vuldb.com/vuln/365375
vdb-entry
https://vuldb.com/vuln/365375/cti
signaturepermissions-required
https://vuldb.com/submit/813569
third-party-advisory

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

carfeii (VulDB User)
VulDB CNA Team
.