| عنوان | Besen EV Charging Station BS20 EV Charger Embedded Malicious Code |
|---|
| الوصف | Finding 4: Unauthorized Firmware Installation via Spoofed OTA Updates
The device lacks robust validation of OTA firmware updates.
Although some built-in safeguards and validation checks exist, they can be bypassed.
An attacker can spoof the update server and deliver malicious firmware, which the device may accept as legitimate.
This could enable full device compromise and manipulation of charging behavior.
|
|---|
| المصدر | ⚠️ https://github.com/carfeii/besen |
|---|
| المستخدم | carfeii (UID 97470) |
|---|
| ارسال | 26/04/2026 06:13 PM (1 شهر منذ) |
|---|
| الاعتدال | 24/05/2026 08:19 AM (28 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 365378 [Besen BS20 EV Charging Station حتى 20260426 OTA Update Installation تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|