CVE-2025-12142
📋 TL;DR
A buffer overflow vulnerability in ABB Terra AC wallbox charging stations allows attackers to execute arbitrary code or cause denial of service by sending specially crafted input. This affects all Terra AC wallbox installations running firmware versions up to 1.8.33. The vulnerability is particularly concerning for charging station operators and fleet managers.
💻 Affected Systems
- ABB Terra AC wallbox
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution allowing complete compromise of the charging station, potentially enabling attackers to manipulate charging operations, steal user data, or pivot to other network systems.
Likely Case
Denial of service causing charging station unavailability, disrupting electric vehicle charging operations and potentially causing financial losses.
If Mitigated
Limited impact if network segmentation and access controls prevent unauthorized access to the charging station management interface.
🎯 Exploit Status
Exploitation requires understanding of the specific buffer overflow conditions and access to the charging station's management interface. No public exploits are currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 1.8.33
Vendor Advisory: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A8107&LanguageCode=en&DocumentPartId=&Action=Launch
Restart Required: No
Instructions:
1. Download the latest firmware from ABB's official portal.
2. Upload the firmware to the Terra AC wallbox via the management interface.
3. Apply the firmware update following ABB's documentation.
4. Verify the update completed successfully.
🔧 Temporary Workarounds
Network Segmentation
Isolate charging stations from untrusted networks and restrict access to management interfaces
Access Control Lists
Implement strict firewall rules to limit which IP addresses can communicate with charging station management interfaces
🧯 If You Can't Patch
- Implement network segmentation to isolate charging stations from critical infrastructure
- Deploy intrusion detection systems to monitor for buffer overflow attempts against charging stations
🔍 How to Verify
Check if Vulnerable:
Check the firmware version in the Terra AC wallbox management interface. If the version is 1.8.33 or earlier, the system is vulnerable.
Check Version:
Check the firmware version in the ABB Terra AC wallbox web interface or management console.
Verify Fix Applied:
Verify firmware version shows a version higher than 1.8.33 in the management interface and confirm all charging functions operate normally.
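The version check described above, applied to a fleet inventory, as an added example (not ABB's or this page's own code). It assumes firmware versions are reported as dotted triples such as 1.8.33; the charger names and sample versions are constructed. Versions are compared numerically, because a plain string comparison misorders values such as 1.8.4 and 1.10.0 against 1.8.33.

```python
import re

# Threshold taken from this page: firmware up to and including 1.8.33 is affected.
LAST_AFFECTED = (1, 8, 33)

# Assumption: versions look like "1.8.33", optionally prefixed with "v".
_VERSION_RE = re.compile(r"^[vV]?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    """Return (major, minor, patch) as integers, or None if the string
    is not a plain dotted triple."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def classify(version_text):
    """Classify one firmware string as 'vulnerable', 'fixed' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"  # do not guess: check this unit by hand
    return "vulnerable" if v <= LAST_AFFECTED else "fixed"


def triage(inventory):
    """Group charger names by status. inventory maps name -> version string."""
    result = {"vulnerable": [], "fixed": [], "unknown": []}
    for name, version in sorted(inventory.items()):
        result[classify(version)].append(name)
    return result


# Constructed sample inventory (names and versions are made up).
SAMPLE = {
    "garage-01": "1.8.33",
    "garage-02": "1.8.4",    # sorts after 1.8.33 as a string, but is older
    "depot-01": "1.10.0",    # sorts before 1.8.33 as a string, but is newer
    "depot-02": "v1.8.34",
    "depot-03": "",          # version not reported
}

if __name__ == "__main__":
    for status, names in triage(SAMPLE).items():
        print(f"{status}: {', '.join(names) or '-'}")
```

Units reported as unknown still need the manual check in the management interface.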
📡 Detection & Monitoring
Log Indicators:
- Unusual buffer overflow error messages in system logs
- Multiple failed connection attempts to management interface
- Unexpected system reboots or crashes
Network Indicators:
- Unusual traffic patterns to charging station management ports
- Large payloads sent to management interface endpoints
- Connection attempts from unexpected source IPs
SIEM Query:
source="terra-wallbox" AND (message="*buffer*" OR message="*overflow*" OR message="*segmentation fault*")