Risk Summary
ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploits this vulnerability could corrupt heap memory, potentially take remote control of the product, and perform a write operation to the flash memory to alter the firmware behavior.
CVEs (1)
Remediations
- The problem is corrected in the product versions listed as fixed in the advisory:
  - Terra AC wallbox (UL40/80A): 1.8.33
  - Terra AC wallbox (UL32A): 1.8.34
  - Terra AC MID: 1.8.34
  - Terra AC Juno CE: 1.8.34
  - Terra AC PTB: 1.8.33
  - Terra AC wallbox (JP): 1.8.34
- Additionally, we strongly recommend not using unsafe mode (HTTP) to connect your charger to your backend, even though OCPP allows it. It is common knowledge that such a connection can be attacked by a malicious person or organization.
- ABB recommends that customers apply the update at the earliest convenience.
Affected Vendors
ABB
Affected Products (12)
- ABB · Terra AC wallbox (UL40/80A): <=1.8.32
- ABB · Terra AC wallbox (UL40/80A): 1.8.33
- ABB · Terra AC wallbox (UL32A): <=1.8.2
- ABB · Terra AC wallbox (UL32A): 1.8.34
- ABB · Terra AC MID: <=1.8.32
- ABB · Terra AC MID: 1.8.34
- ABB · Terra AC Juno CE: <=1.8.32
- ABB · Terra AC Juno CE: 1.8.34
- ABB · Terra AC PTB: <=1.8.21
- ABB · Terra AC PTB: 1.8.33
- ABB · Terra AC wallbox (JP): <=1.8.2
- ABB · Terra AC wallbox (JP): 1.8.34
Affected Sectors
Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems