Heap Overflow (CVE‑2025‑5517) in ABB Terra AC EV Chargers Enables Remote Firmware Manipulation
What It Is – A heap‑based buffer overflow (CVE‑2025‑5517) in ABB Terra AC wall‑box firmware allows an attacker to corrupt heap memory and gain remote code execution, potentially rewriting flash firmware. The flaw is triggered by a specially‑crafted OCPP message sent over unencrypted channels.
Exploitability – The vulnerability is publicly disclosed with a CVSS v3 base score of 6.8 (Medium‑High). No public exploit code has been released, but the attack vector is straightforward (malformed OCPP payload) and could be weaponized by threat actors targeting EV‑charging infrastructure.
Affected Products – ABB Terra AC wall‑box models:
- UL40/80A ≤ 1.8.32, 1.8.33
- UL32A ≤ 1.8.2, 1.8.34
- MID/CE ≤ 1.8.32, 1.8.34
- JP ≤ 1.8.2, 1.8.34
TPRM Impact – EV‑charging stations are often deployed by third‑party operators, facilities managers, and utilities. A compromised charger can become a foothold for lateral movement into corporate networks, affect service availability, and undermine trust in the supply chain of critical‑infrastructure hardware.
Recommended Actions –
- Verify firmware versions on all ABB Terra AC chargers and upgrade to the vendor‑released patches (versions > 1.8.34).
- Enforce TLS encryption for OCPP communication between chargers and the CSMS.
- Segment charger networks from core IT environments; apply strict firewall rules limiting inbound traffic to management ports.
- Conduct a rapid inventory of all ABB charging assets and document remediation status for third‑party risk registers.
- Monitor CISA and ABB advisories for any emerging exploit evidence.
Source: CISA Advisory – ICSA‑26‑146‑01