CVE-2025-12143
📋 TL;DR
A stack-based buffer overflow vulnerability in ABB Terra AC wallbox charging stations allows attackers to execute arbitrary code or cause denial of service by sending specially crafted data. This affects all Terra AC wallbox units running firmware versions through 1.8.33. The vulnerability requires network access to the device.
💻 Affected Systems
- ABB Terra AC wallbox
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution allowing complete device takeover, potential lateral movement to connected networks, or physical damage to charging equipment.
Likely Case
Denial of service causing charging station unavailability, potential data corruption, or limited code execution within device constraints.
If Mitigated
Isolated charging stations with proper network segmentation would limit impact to local charging disruption only.
🎯 Exploit Status
Buffer overflow exploitation requires specific knowledge of device memory layout and protocol handling.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.8.34 or later
Vendor Advisory: https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A8107&LanguageCode=en&DocumentPartId=&Action=Launch
Restart Required: Yes
Instructions:
1. Download firmware update from ABB portal. 2. Connect to wallbox management interface. 3. Upload and apply firmware update. 4. Reboot device to complete installation.
🔧 Temporary Workarounds
Network Segmentation
allIsolate charging stations from untrusted networks and internet exposure
Access Control Lists
allRestrict network access to charging stations to authorized management systems only
🧯 If You Can't Patch
- Deploy network monitoring for abnormal traffic patterns to charging stations
- Implement physical security controls to prevent unauthorized physical access to devices
🔍 How to Verify
Check if Vulnerable:
Check firmware version via wallbox management interface or serial consoleCheck Version:
Check via web interface at http://<wallbox-ip>/status or serial console command 'version'Verify Fix Applied:
Confirm firmware version is 1.8.34 or later after update📡 Detection & Monitoring
Log Indicators:
- Unusual connection attempts
- Firmware modification attempts
- Device crash/restart events
Network Indicators:
- Abnormal protocol traffic patterns
- Unexpected connections to charging station ports
SIEM Query:
source="wallbox" AND (event_type="crash" OR event_type="firmware_change")