CVE-2026-9398: Authentication Bypass by Capture-replay in Besen BS20 EV Charging Station
CVE-2026-9398 is a low-severity authentication bypass vulnerability in the Besen BS20 EV Charging Station (up to version 20260426). The flaw exists in the BLE/WiFi component and allows an attacker on the local network to bypass authentication via a capture-replay attack. Exploitation is considered highly complex and difficult. As of the latest information, Besen has acknowledged the issue and is reviewing it, but no official patch or fix has been confirmed yet.
AI Analysis
Technical Summary
This vulnerability affects the Besen BS20 EV Charging Station's BLE/WiFi component, enabling an attacker within the local network to perform an authentication bypass through a capture-replay attack. The attack complexity is high, and the exploitability is difficult. The vendor has been notified and is currently reviewing the vulnerability. No patch or remediation level has been published to date.
Potential Impact
Successful exploitation could allow an attacker on the local network to bypass authentication mechanisms of the charging station, potentially leading to unauthorized access or control. However, the low CVSS score (2.3) and high attack complexity indicate limited impact and difficulty in exploitation. There are no known exploits in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation has been published, monitoring vendor communications for updates is recommended. Given the attack requires local network access and is complex, limiting physical and network access to trusted users may reduce risk until a patch is available.
CVE-2026-9398: Authentication Bypass by Capture-replay in Besen BS20 EV Charging Station
Description
CVE-2026-9398 is a low-severity authentication bypass vulnerability in the Besen BS20 EV Charging Station (up to version 20260426). The flaw exists in the BLE/WiFi component and allows an attacker on the local network to bypass authentication via a capture-replay attack. Exploitation is considered highly complex and difficult. As of the latest information, Besen has acknowledged the issue and is reviewing it, but no official patch or fix has been confirmed yet.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects the Besen BS20 EV Charging Station's BLE/WiFi component, enabling an attacker within the local network to perform an authentication bypass through a capture-replay attack. The attack complexity is high, and the exploitability is difficult. The vendor has been notified and is currently reviewing the vulnerability. No patch or remediation level has been published to date.
Potential Impact
Successful exploitation could allow an attacker on the local network to bypass authentication mechanisms of the charging station, potentially leading to unauthorized access or control. However, the low CVSS score (2.3) and high attack complexity indicate limited impact and difficulty in exploitation. There are no known exploits in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation has been published, monitoring vendor communications for updates is recommended. Given the attack requires local network access and is complex, limiting physical and network access to trusted users may reduce risk until a patch is available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-24T06:19:03.634Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1365a6a5ae1af1aad23dc7
Added to database: 5/24/2026, 8:55:02 PM
Last enriched: 5/24/2026, 9:09:51 PM
Last updated: 5/24/2026, 9:56:46 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.