Terra AC wallbox Heap Memory Corruption Vulnerability

MonitorCVSS 6.89akk108471a8948Oct 20, 2025

ABB

Attack path

Attack VectorNetwork

Auth RequiredLow

ComplexityHigh

User InteractionNone needed

Summary

ABB Terra AC wallbox models contain a heap memory corruption vulnerability (CWE-122) that could allow a remote attacker to gain code execution. An attacker exploiting this could corrupt heap memory to take remote control of the wallbox and write malicious firmware to the device flash memory, altering its charging behavior. Affected versions: Terra AC wallbox (UL40/80A) ≤1.8.32, Terra AC wallbox (UL32A) ≤1.8.2, Terra AC MID ≤1.8.32, Terra AC Juno CE ≤1.8.32, Terra AC PTB ≤1.8.21, and Terra AC wallbox (JP) ≤1.8.2. ABB also recommends using HTTPS/TLS encryption (not HTTP) for all OCPP connections to prevent man-in-the-middle attacks.

What this means

What could happen

An attacker could corrupt heap memory on the wallbox to gain remote control and modify the device firmware, potentially altering charging behavior or disabling the charger. This affects customer charging operations and could be used to impact grid stability if multiple chargers are compromised.

Who's at risk

Electric vehicle charging operators and fleet managers using ABB Terra AC wallbox chargers (all regional variants: UL, CE, MID, JP). This affects both public charging networks and private/commercial charging installations that manage multiple chargers.

How it could be exploited

An attacker with network access to the wallbox could send a specially crafted message over the network to trigger heap memory corruption. If successful, the attacker gains code execution and can write new firmware to the device, giving them persistent control over charging operations.

Prerequisites

Network access to the Terra AC wallbox
Requires low-level API/protocol knowledge to craft the malicious message
Wallbox must be running one of the affected firmware versions

remotely exploitablerequires authentication or network accesslow complexity attackaffects EV charging infrastructurecan lead to firmware modification

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (6)

6 with fix

ProductAffected VersionsFix Status

Terra AC wallbox (UL40/80A) <=1.8.32≤ 1.8.321.8.33

Terra AC wallbox (UL32A) <=1.8.2≤ 1.8.21.8.34

Terra AC wallbox (MID/ CE) Terra AC MID <=1.8.32≤ 1.8.321.8.34

Terra AC wallbox (MID/ CE) Terra AC Juno CE <=1.8.32≤ 1.8.321.8.34

Terra AC wallbox (MID/ CE) Terra AC PTB <=1.8.21≤ 1.8.211.8.33

Terra AC wallbox (JP) <=1.8.2≤ 1.8.21.8.34

Remediation & Mitigation

0/8

Do now

0/2

WORKAROUNDRestrict network access to wallbox OCPP management interfaces to trusted backend servers only via firewall rules

HARDENINGUse HTTPS/TLS encryption (not HTTP) for all OCPP connections between wallbox and backend management system

Schedule — requires maintenance window

0/6

Patching may require device reboot — plan for process interruption

Terra AC wallbox (UL40/80A) <=1.8.32

HOTFIXUpdate Terra AC wallbox (UL40/80A) to firmware version 1.8.33 or later

Terra AC wallbox (UL32A) <=1.8.2

HOTFIXUpdate Terra AC wallbox (UL32A) to firmware version 1.8.34 or later

All products

HOTFIXUpdate Terra AC MID to firmware version 1.8.34 or later

HOTFIXUpdate Terra AC Juno CE to firmware version 1.8.34 or later

HOTFIXUpdate Terra AC PTB to firmware version 1.8.33 or later

HOTFIXUpdate Terra AC wallbox (JP) to firmware version 1.8.34 or later

CVEs (1)

CVE-2025-5517

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0925052e-6843-4370-944f-23267e900d30

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.