ABB Terra AC

Summary

ABB has identified vulnerabilities in various versions of its Terra AC wallbox product. Successful exploitation could allow an attacker to corrupt heap memory, potentially gaining remote control and altering firmware behavior by writing to flash memory.

IFF Assessment

FOE

The identified vulnerabilities allow for potential remote control and firmware alteration, posing a significant risk to the affected devices and critical infrastructure.

Severity

6.8 Medium

The CVSS score of 6.8 reflects a Heap-based Buffer Overflow vulnerability that can be exploited remotely via unencrypted communication, leading to potential control of the device and firmware manipulation.

Defender Context

Defenders should be aware of this vulnerability affecting ABB Terra AC devices used in critical infrastructure sectors. It is crucial to ensure that affected devices are updated to the latest firmware versions and that communication channels to management systems are secured, preferably avoiding unencrypted modes.
