| عنوان | Besen EV Charging Station BS20 EV Charger Improper Authorization |
|---|
| الوصف | Finding 5: Unauthorized Tampering of Charger Commands
Commands between the mobile app and EV charger (via BLE or Wi-Fi) are transmitted without encryption or integrity protection.
An attacker within the same network can intercept, modify, and replay modified UDP packets to manipulate charging behavior, including altering duration, current, power, or start/stop states without proper authorization or knowledge of the EV charger owner. |
|---|
| المصدر | ⚠️ https://github.com/carfeii/besen |
|---|
| المستخدم | carfeii (UID 97470) |
|---|
| ارسال | 26/04/2026 06:15 PM (1 شهر منذ) |
|---|
| الاعتدال | 24/05/2026 08:19 AM (28 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 365379 [Besen BS20 EV Charging Station حتى 20260426 BLE/WiFi توثيق ضعيف] |
|---|
| النقاط | 19 |
|---|