Critical Heap/Stack Buffer Overflows in ABB Terra AC Wallbox (CVE‑2025‑10504, CVE‑2025‑12142, CVE‑2025‑12143) Threaten EV Charging Infrastructure
What It Is – ABB’s Terra AC Wallbox (JP) firmware versions ≤ 1.8.33 and 1.8.36 contain three related buffer‑overflow bugs (heap‑based, classic copy‑without‑size‑check, and stack‑based). Successful exploitation lets an attacker corrupt heap memory, gain remote code execution, and write arbitrary data to flash, effectively re‑programming the charger.
Exploitability – Public advisories confirm the flaws are exploitable in the wild; proof‑of‑concept code has been shared in security forums. The CVSS v3.1 base score is 6.1 (Moderate). No known active ransomware or botnet leveraging the bug yet, but the attack surface is low‑complexity (remote over the charger’s management interface).
Affected Products – ABB Terra AC Wallbox (Japan market) firmware ≤ 1.8.33 and version 1.8.36.
TPRM Impact – The wallbox is deployed globally in public EV charging stations, often operated by third‑party site owners, utilities, and fleet managers. A compromised charger can be used to pivot into corporate networks, disrupt service, or tamper with billing data, creating a supply‑chain risk for any organization that relies on ABB‑provided charging infrastructure.
Recommended Actions –
- Verify firmware version on every ABB Terra AC Wallbox in your portfolio.
- Apply ABB’s remediation patch (firmware ≥ 1.8.34) immediately.
- Isolate charging stations on a dedicated VLAN and enforce strict firewall rules.
- Conduct continuous monitoring for anomalous flash‑write activity or unexpected network traffic from chargers.
- Update third‑party risk registers to reflect the new vulnerability and require vendors to provide proof of patch deployment.
Source: CISA Advisory – ICSA‑26‑141‑05