CVE-2025-12142 is a buffer overflow vulnerability classified under CWE-120 affecting ABB Terra AC wallbox devices through version 1.8.33. This vulnerability stems from improper input validation during buffer copy operations, where the size of the input data is not checked before copying, leading to potential memory corruption. The vulnerability requires an attacker to have high privileges and access via an adjacent network vector, meaning the attacker must be on the same or a logically adjacent network segment. No user interaction is needed, and no authentication bypass is involved beyond the prerequisite high privileges. The impact includes potential partial denial of service due to memory corruption and possible data integrity violations, though confidentiality impact is not indicated. The CVSS 4.0 base score is 6.9 (medium), reflecting the moderate ease of exploitation given the privilege requirements and the significant but not total impact on system availability and integrity. Currently, no public exploits or patches are available, indicating that the vulnerability is newly disclosed and not yet actively exploited. ABB Terra AC wallboxes are used in electric vehicle charging infrastructure, making this vulnerability relevant to organizations managing EV charging stations. The lack of patches necessitates interim mitigations focusing on access control and network segmentation to reduce exposure. Monitoring for unusual activity on affected devices is also recommended to detect potential exploitation attempts.

For European organizations, the vulnerability poses a risk primarily to the availability and integrity of ABB Terra AC wallbox devices, which are integral components of EV charging infrastructure. Disruption or compromise of these devices could lead to partial denial of service, affecting EV charging availability and potentially causing operational disruptions in facilities relying on these chargers. Data integrity issues could undermine trust in device telemetry or operational parameters, complicating maintenance and billing processes. Given the increasing adoption of electric vehicles across Europe, especially in countries with strong EV markets, this vulnerability could impact critical infrastructure supporting transportation and energy sectors. Organizations operating large EV charging networks or managing public charging stations may face operational and reputational risks if the vulnerability is exploited. The requirement for high privileges and adjacent network access somewhat limits the attack surface but does not eliminate risk, especially in environments with insufficient network segmentation or weak administrative controls. The absence of known exploits reduces immediate risk but does not preclude future exploitation attempts, necessitating proactive mitigation.

1. Restrict administrative and privileged access to ABB Terra AC wallbox devices strictly to trusted personnel and systems, using strong authentication and authorization controls. 2. Implement network segmentation to isolate EV charging infrastructure from general corporate or public networks, limiting adjacent network access vectors. 3. Monitor network traffic and device logs for anomalous behavior indicative of exploitation attempts, such as unexpected crashes or memory errors. 4. Prepare for rapid deployment of patches or firmware updates from ABB once they become available; establish communication channels with ABB support for timely updates. 5. Conduct regular security audits and vulnerability assessments of EV charging infrastructure to identify and remediate potential weaknesses. 6. Employ intrusion detection/prevention systems (IDS/IPS) tuned to detect buffer overflow exploitation patterns targeting these devices. 7. Educate operational technology (OT) and IT teams about this vulnerability to ensure coordinated response and awareness. 8. Consider deploying compensating controls such as application-layer firewalls or protocol filtering to reduce attack surface until patches are available.