Terra AC wallbox Heap Memory Corruption Vulnerability
Monitor | 6.8 | 9akk108471a8948 | Oct 20, 2025
Attack Vector: Network
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary
A heap memory corruption vulnerability in ABB Terra AC wallbox firmware (multiple regional variants) allows an authenticated attacker to corrupt the device's internal memory. By exploiting this corruption, an attacker could gain remote control of the charging controller and write malicious firmware to the device's flash memory, potentially altering charging behavior or disabling safety functions.

The vulnerability affects Terra AC UL40/80A (up to v1.8.32), UL32A (up to v1.8.2), MID (up to v1.8.32), Juno CE (up to v1.8.32), PTB (up to v1.8.21), and JP (up to v1.8.2) models.
What this means
What could happen
An attacker with login credentials to the wallbox could corrupt its internal memory and gain control, potentially allowing them to alter charging behavior, disable safety functions, or modify the device's firmware for persistent attacks.
Who's at risk
Operators and owners of ABB Terra AC EV charging stations, particularly those deployed at commercial sites, municipal charging networks, and fleet facilities. All regional variants are affected (UL North America, CE Europe, MID Europe, PTB Germany, JP Japan).
How it could be exploited
An attacker with valid credentials connects to the Terra AC wallbox over the network and sends a malformed message designed to overflow the heap memory, corrupting the device's internal data structures. Once memory is corrupted, the attacker can write arbitrary code to the device's flash memory, gaining persistent control over the charging controller.
Prerequisites
- Valid login credentials for the Terra AC wallbox
- Network connectivity to the wallbox (OCPP backend or direct access)
- Knowledge of the specific memory corruption payload
- Requires valid credentials
- Medium complexity exploitation
- Can lead to firmware modification
- Affects charging infrastructure safety
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (6)
6 with fix
Product | Affected Versions | Fix Status
Terra AC wallbox (UL40/80A) | ≤ 1.8.32 | 1.8.33
Terra AC wallbox (UL32A) | ≤ 1.8.2 | 1.8.34
Terra AC wallbox (MID/CE): Terra AC MID | ≤ 1.8.32 | 1.8.34
Terra AC wallbox (MID/CE): Terra AC Juno CE | ≤ 1.8.32 | 1.8.34
Terra AC wallbox (MID/CE): Terra AC PTB | ≤ 1.8.21 | 1.8.33
Terra AC wallbox (JP) | ≤ 1.8.2 | 1.8.34
Remediation & Mitigation
Do now
HARDENING: Use secure HTTPS (not HTTP) for all OCPP backend connections to prevent interception and man-in-the-middle attacks
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Terra AC wallbox (UL40/80A) <=1.8.32
HOTFIX: Update Terra AC wallbox (UL40/80A) to firmware version 1.8.33 or later
Terra AC wallbox (UL32A) <=1.8.2
HOTFIX: Update Terra AC wallbox (UL32A) to firmware version 1.8.34 or later
All products
HOTFIX: Update Terra AC MID to firmware version 1.8.34 or later
HOTFIX: Update Terra AC Juno CE to firmware version 1.8.34 or later
HOTFIX: Update Terra AC PTB to firmware version 1.8.33 or later
HOTFIX: Update Terra AC wallbox (JP) to firmware version 1.8.34 or later
Long-term hardening
HARDENING: Restrict network access to wallbox management interfaces to trusted IP addresses or VLANs
CVEs (1)
API:
/api/v1/advisories/0925052e-6843-4370-944f-23267e900d30