CVE-2025-10504 is a heap-based buffer overflow vulnerability identified in the ABB Terra AC wallbox, a product used for electric vehicle charging. The vulnerability is classified under CWE-122, indicating that improper handling of memory buffers on the heap can lead to overflow conditions. This flaw affects versions of the Terra AC wallbox up to and including version 1.8.33. A heap-based buffer overflow occurs when a program writes more data to a buffer located on the heap than it is allocated to hold, potentially overwriting adjacent memory, which can lead to arbitrary code execution, crashes, or corruption of data. According to the CVSS 4.0 vector, the vulnerability requires local access (AV:L), has high attack complexity (AC:H), requires privileged attacker permissions (PR:H), and requires no user interaction (UI:N). The vulnerability impacts confidentiality, integrity, and availability to a high degree (VC:N, VI:H, VA:H), with limited scope (S:L) and low severity (SA:L). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was published on September 29, 2025, with the vendor ABB as the assigner. Given the nature of the device as a wallbox for EV charging, exploitation could allow an attacker with local privileged access to execute arbitrary code or cause denial of service, potentially disrupting charging operations or compromising device integrity.

For European organizations, especially those involved in electric vehicle infrastructure, energy management, or facilities management, this vulnerability poses a risk of operational disruption and potential safety hazards. The Terra AC wallbox is likely deployed in commercial, residential, and public charging stations across Europe. Exploitation could lead to denial of service, preventing EV charging and impacting mobility services. Furthermore, if attackers gain code execution, they could manipulate charging data, interfere with billing systems, or use the compromised device as a foothold into broader network environments. This is particularly critical for organizations managing large fleets of EVs or public charging infrastructure, where availability and data integrity are paramount. The requirement for local privileged access limits remote exploitation risk but does not eliminate insider threats or attacks via compromised local networks. The medium severity rating suggests a moderate but non-trivial risk that should be addressed promptly to maintain operational continuity and trust in EV infrastructure.

1. Immediate deployment of vendor-provided patches or firmware updates once available is critical. Since no patches are currently linked, organizations should monitor ABB advisories closely. 2. Restrict physical and local network access to the Terra AC wallbox devices to trusted personnel only, implementing strict access controls and network segmentation to limit exposure. 3. Employ host-based intrusion detection systems (HIDS) or endpoint protection solutions on management systems interfacing with the wallbox to detect anomalous behavior indicative of exploitation attempts. 4. Conduct regular security audits and vulnerability assessments on EV charging infrastructure to identify and remediate potential weaknesses. 5. Implement strict privilege management policies to minimize the number of users with local administrative rights on devices controlling the wallbox. 6. Establish monitoring and alerting for unusual device behavior, such as unexpected reboots or communication anomalies, which could indicate exploitation attempts. 7. Develop incident response plans specific to EV infrastructure to quickly contain and remediate any compromise related to this vulnerability.