CVE-2026-9397 | Besen BS20 EV Charging Station up to 20260426 OTA Update Installation improper authorization

A vulnerability was found in Besen BS20 EV Charging Station up to 20260426. It has been classified as critical. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization.

This vulnerability is tracked as CVE-2026-9397. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The original disclosure mentions, that “[t]hese vulnerabilities have been reported to Besen and we have received their acknowlegement that they are reviewing this as of April 2026.”

CVE-2026-9397 | Besen BS20 EV Charging Station up to 20260426 OTA Update Installation improper authorization

Post correlati

CVE-2024-50149 | Linux Kernel up to 6.11.5 drm run_job information disclosure (be8fe75e57f8/82926f52d7a0)

CVE-2024-49400 | Meta Tacquito permissive regular expression

CVE-2024-5073 | Essential Addons for Elementor Plugin up to 5.9.21 on WordPress Twitter Feed cross site scripting

CVE-2024-38761 | Zephyr Project Manager Plugin up to 3.3.99 on WordPress information disclosure