---
title: "Critical Heap Overflow Vulnerability in ABB Terra AC EV Chargers: What You Need to Know"
short_title: "Critical flaw in ABB Terra AC EV chargers exposes systems"
description: "ABB Terra AC wallboxes face a critical heap-based buffer overflow vulnerability (CVE-2025-5517). Learn about risks, affected versions, and mitigation steps to secure your infrastructure."
author: "Vitus"
date: 2024-10-22
categories: [Cybersecurity, Vulnerabilities]
tags: [abb, ev-chargers, cve-2025-5517, heap-overflow, ocpp]
score: 0.85
cve_ids: [CVE-2025-5517]
---
## TL;DR
ABB has disclosed a critical heap-based buffer overflow vulnerability (CVE-2025-5517) in its Terra AC electric vehicle (EV) chargers. If exploited, attackers could remotely take control of affected devices, alter firmware behavior, or cause denial-of-service (DoS) conditions. Users are urged to update to the latest firmware versions and enforce secure communication protocols like HTTPS to mitigate risks.
## Main Content
### Introduction
Electric vehicle (EV) charging infrastructure is rapidly expanding, but with this growth comes an increased risk of cybersecurity threats. ABB, a global leader in EV charging solutions, has issued an urgent advisory regarding a critical vulnerability in its Terra AC wallbox chargers. Tracked as CVE-2025-5517, this heap-based buffer overflow flaw could allow attackers to remotely compromise affected devices, leading to unauthorized control, firmware manipulation, or disruptive attacks.
This article explores the technical details of the vulnerability, its potential impact, and the steps organizations must take to secure their EV charging infrastructure.
### Key Points
- Vulnerability: Heap-based buffer overflow (CVE-2025-5517) in ABB Terra AC EV chargers.
- Affected Versions: Multiple Terra AC wallbox models running firmware versions ≤1.8.34.
- Exploitation Risk: Attackers can remotely exploit the flaw via crafted OCPP messages sent through unsecured or hijacked Charging Station Management Systems (CSMS).
- Impact: Remote code execution, firmware alteration, denial-of-service (DoS), and compromised internal state.
- Mitigation: Apply firmware updates immediately and enforce HTTPS (TLS) for OCPP communication.
### Technical Details
#### The Vulnerability
CVE-2025-5517 is a heap-based buffer overflow vulnerability in ABB Terra AC EV chargers. The flaw arises from inadequate validation of OCPP (Open Charge Point Protocol) message fields, allowing attackers to send specially crafted messages that corrupt heap memory. Successful exploitation could enable attackers to:
- Take remote control of the charger.
- Alter firmware behavior by writing to flash memory.
- Disrupt operations through denial-of-service (DoS) attacks.
- Execute arbitrary code on the affected device.
#### Attack Vector
The vulnerability can be exploited in two primary scenarios:
1. Unsecured OCPP Communication: If the charger communicates with the CSMS via unencrypted HTTP, attackers can intercept and manipulate messages.
2. Hijacked CSMS: Attackers who compromise the CSMS can send malicious OCPP messages directly to connected chargers.
The CVSS 3.1 base score for this vulnerability is 6.8 (Medium), with the following metrics:
- Attack Vector (AV): Network (remote exploitation possible).
- Attack Complexity (AC): High (requires specific conditions, such as unsecured communication or CSMS compromise).
- Privileges Required (PR): Low (attacker needs access to the network or CSMS).
- User Interaction (UI): None.
- Scope (S): Unchanged (impact is limited to the vulnerable device).
- Confidentiality (C): None.
- Integrity (I): High (firmware manipulation possible).
- Availability (A): High (DoS or remote code execution possible).
### Impact Assessment
#### Affected Systems
The following ABB Terra AC wallbox models and firmware versions are affected:
- Terra AC wallbox (UL40/80A): ≤1.8.32, 1.8.33
- Terra AC wallbox (UL32A): ≤1.8.2, 1.8.34
- Terra AC wallbox (MID/CE): ≤1.8.32, 1.8.34
- Terra AC wallbox (JP): ≤1.8.2, 1.8.34
#### Critical Infrastructure at Risk
ABB Terra AC chargers are deployed across multiple critical infrastructure sectors, including:
- Commercial Facilities
- Critical Manufacturing
- Energy
- Transportation Systems
Given the global deployment of these chargers, the vulnerability poses a significant risk to organizations relying on EV infrastructure for operations.
#### Potential Consequences
If exploited, this vulnerability could lead to:
- Operational Disruptions: DoS attacks could render chargers inoperable, impacting EV fleets and public charging networks.
- Safety Risks: Unauthorized firmware modifications could compromise the safety and reliability of charging systems.
- Data Integrity Issues: Attackers could manipulate charging data, leading to billing discrepancies or fraud.
- Lateral Movement: Compromised chargers could serve as entry points for further attacks on connected networks.
### Mitigation Steps
#### Immediate Actions
1. Apply Firmware Updates:
   ABB has released patched firmware versions for all affected models. Users should update to the following versions or later:
   - Terra AC wallbox (UL40/80A): 1.8.33
   - Terra AC wallbox (UL32A): 1.8.34
   - Terra AC MID/CE: 1.8.34
   - Terra AC wallbox (JP): 1.8.34
2. Enforce Secure Communication:
   - Replace HTTP with HTTPS (TLS) for all OCPP communication between chargers and the CSMS.
   - Ensure that all network traffic to and from chargers is encrypted and authenticated.
3. Isolate Charging Networks:
   - Segment EV charging networks from business networks using firewalls.
   - Restrict access to charging infrastructure to authorized personnel only.
4. Monitor for Suspicious Activity:
   - Deploy intrusion detection systems (IDS) to monitor for unusual OCPP traffic or unauthorized access attempts.
   - Regularly audit CSMS logs for signs of compromise.
#### Long-Term Recommendations
- Adopt Defense-in-Depth Strategies: Implement layered security measures, such as network segmentation, multi-factor authentication (MFA), and regular vulnerability assessments.
- Stay Informed: Subscribe to ABB’s security advisories and CISA alerts to receive timely updates on emerging threats.
- Conduct Risk Assessments: Evaluate the potential impact of EV charger vulnerabilities on your organization’s operations and infrastructure.
### Workarounds
If immediate firmware updates are not feasible, organizations can reduce risk by:
- Disabling Unsafe Communication Modes: Ensure that all OCPP communication uses HTTPS (TLS) instead of HTTP.
- Securing the CSMS: Harden the Charging Station Management System against unauthorized access by implementing strong authentication and access controls.
- Network Monitoring: Deploy tools to detect and block malicious OCPP messages in real time.
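
A sketch of the OCPP traffic check called for under "Monitor for Suspicious Activity" and in the network-monitoring workaround above, added here as an example and not taken from ABB's advisory or firmware. It assumes OCPP 1.6-J framing and applies that specification's string length limits; the advisory does not name the affected fields, so the field subset, the `MAX_FRAME` cap and the sample frames are illustrative.

```python
import json

# OCPP 1.6 CiString limits for some CSMS-to-charger requests (illustrative subset).
MAX_LEN = {
    "RemoteStartTransaction": {"idTag": 20},
    "ChangeConfiguration": {"key": 50, "value": 500},
    "DataTransfer": {"vendorId": 255, "messageId": 50},
}
MAX_UNIQUE_ID = 36  # OCPP-J limit on the message id
MAX_FRAME = 8192    # assumed site policy, not a value from the specification


def inspect_frame(raw):
    """Return findings for one OCPP-J text frame; an empty list means clean."""
    if len(raw.encode("utf-8")) > MAX_FRAME:
        return [f"frame larger than {MAX_FRAME} bytes"]
    try:
        msg = json.loads(raw)
    except (ValueError, RecursionError):
        return ["not valid JSON"]
    if not isinstance(msg, list) or len(msg) < 3 or msg[0] not in (2, 3, 4):
        return ["not an OCPP-J message array"]
    findings = []
    if not isinstance(msg[1], str) or len(msg[1]) > MAX_UNIQUE_ID:
        findings.append("uniqueId is not a string of at most 36 characters")
    if msg[0] != 2:
        return findings  # only CALL payloads carry the fields checked below
    if len(msg) != 4 or not isinstance(msg[2], str) or not isinstance(msg[3], dict):
        return findings + ["malformed CALL"]
    action, payload = msg[2], msg[3]
    for field, limit in MAX_LEN.get(action, {}).items():
        value = payload.get(field)
        if value is None:
            continue
        if not isinstance(value, str):
            findings.append(f"{action}.{field}: expected a string")
        elif len(value) > limit:
            findings.append(f"{action}.{field}: {len(value)} chars, limit {limit}")
    return findings


# Constructed sample frames, as a proxy or IDS tap would see them.
SAMPLE_FRAMES = [
    '[2,"a1","RemoteStartTransaction",{"connectorId":1,"idTag":"04A2B3C4"}]',
    '[2,"a2","ChangeConfiguration",{"key":"HeartbeatInterval","value":"' + "9" * 600 + '"}]',
    '[2,"a3","RemoteStartTransaction",{"idTag":"' + "A" * 64 + '"}]',
]

if __name__ == "__main__":
    for frame in SAMPLE_FRAMES:
        print(frame[:60], "->", inspect_frame(frame) or "ok")
```

A check like this only sees plaintext, so with TLS enforced it has to run at the CSMS or at a TLS-terminating proxy in front of the chargers.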
## Conclusion
The CVE-2025-5517 heap-based buffer overflow vulnerability in ABB Terra AC EV chargers highlights the growing cybersecurity risks facing critical infrastructure, including EV charging networks. While the vulnerability requires specific conditions for exploitation, its potential impact—ranging from remote code execution to operational disruptions—demands immediate action.
Organizations using ABB Terra AC chargers must apply firmware updates, enforce secure communication protocols, and implement robust network security measures to mitigate risks. As EV infrastructure continues to expand, proactive cybersecurity practices will be essential to safeguarding these systems against evolving threats.
For more information, refer to ABB’s official advisory and CISA’s recommendations on securing industrial control systems.
## References
[^1]: ABB PSIRT. "Security Advisory: Heap-Based Buffer Overflow in Terra AC Wallboxes". Retrieved 2024-10-22.
[^2]: CISA. "ICS Advisory (ICSA-26-146-01): ABB Terra AC Vulnerability". Retrieved 2024-10-22.
[^3]: CVE Details. "CVE-2025-5517". Retrieved 2024-10-22.
[^4]: MITRE. "CWE-122: Heap-based Buffer Overflow". Retrieved 2024-10-22.