CVE-2025-5517: CWE-122 Heap-based Buffer Overflow in ABB Terra AC wallbox (UL40/80A)
Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (MID/ CE) -Terra AC MID, ABB Terra AC wallbox (MID/ CE) -Terra AC Juno CE, ABB Terra AC wallbox (MID/ CE) -Terra AC PTB, ABB Terra AC wallbox (JP). This issue affects Terra AC wallbox (UL40/80A): through 1.8.32; Terra AC wallbox (UL32A): through 1.8.2; Terra AC wallbox (MID/ CE) -Terra AC MID: through 1.8.32; Terra AC wallbox (MID/ CE) -Terra AC Juno CE: through 1.8.32; Terra AC wallbox (MID/ CE) -Terra AC PTB: through 1.8.21; Terra AC wallbox (JP): through 1.8.2.
AI Analysis
Technical Summary
CVE-2025-5517 is a heap-based buffer overflow vulnerability classified under CWE-122, affecting ABB Terra AC wallbox models including UL40/80A, UL32A, and several MID/CE variants. Affected firmware runs through 1.8.32 for most models, 1.8.21 for Terra AC PTB, and 1.8.2 for UL32A and JP. A heap-based buffer overflow occurs when the device improperly handles input data, leading to memory corruption. This can allow an attacker to overwrite critical memory regions, potentially resulting in denial of service or unauthorized code execution. The CVSS 4.0 vector indicates the attack can be performed remotely over the network (AV:N), with high attack complexity (AC:H), attack requirements present (AT:P), low privileges required (PR:L), and no user interaction (UI:N). The impact on confidentiality is none, but integrity and availability impacts are high. The vulnerability does not require physical access or user interaction, increasing its risk profile. No known exploits have been reported yet, and no patches are currently available, indicating the need for proactive defensive measures. The affected devices are widely deployed in electric vehicle charging infrastructure, which is critical for energy transition efforts and smart grid integration.
Potential Impact
For European organizations, this vulnerability poses a significant risk to electric vehicle charging infrastructure, which is increasingly vital as Europe pushes for widespread EV adoption and decarbonization. Exploitation could lead to denial of service, disrupting charging availability and impacting businesses, public charging stations, and residential users. Integrity compromise could allow attackers to manipulate charging parameters or firmware, potentially causing safety hazards or damaging equipment. Given ABB’s strong market presence in Europe and the strategic importance of EV infrastructure, disruption could have cascading effects on energy management and grid stability. Critical infrastructure operators, municipalities, and large fleet operators are particularly at risk. The medium severity rating suggests a moderate but non-negligible threat, especially if combined with other vulnerabilities or insider threats. The lack of patches and known exploits means organizations must rely on preventive controls until updates are released.
Mitigation Recommendations
1. Implement strict network segmentation to isolate ABB Terra AC wallboxes from broader enterprise and critical network segments, limiting exposure to potential attackers.
2. Enforce strong authentication and access controls on management interfaces to reduce the risk of partial authentication exploitation.
3. Monitor network traffic for unusual patterns or attempts to exploit buffer overflow conditions, using IDS/IPS tuned for anomalies related to ABB device protocols.
4. Maintain asset inventories to identify all affected ABB Terra AC wallbox models and firmware versions deployed.
5. Engage with ABB support channels to obtain firmware updates or patches as soon as they become available and prioritize timely deployment.
6. Consider deploying compensating controls such as application-layer firewalls or VPNs to restrict remote access to charging stations.
7. Conduct regular security assessments and penetration testing focused on EV charging infrastructure to detect potential exploitation attempts.
8. Educate operational technology (OT) and security teams about this specific vulnerability and its implications to ensure rapid incident response readiness.
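The asset-inventory recommendation can be checked mechanically against the per-model "affected through" versions in the description. The Python below is an added example, not ABB's or this database's code; the CSV layout, the short model strings used as keys, and the sample rows are constructed assumptions.

```python
import csv
import io

# "Affected through" firmware versions, copied from the description above.
AFFECTED_THROUGH = {
    "Terra AC wallbox (UL40/80A)": "1.8.32",
    "Terra AC wallbox (UL32A)": "1.8.2",
    "Terra AC MID": "1.8.32",
    "Terra AC Juno CE": "1.8.32",
    "Terra AC PTB": "1.8.21",
    "Terra AC wallbox (JP)": "1.8.2",
}

# Constructed sample inventory (assumed columns: asset_id, model, firmware).
SAMPLE_INVENTORY = """asset_id,model,firmware
chg-001,Terra AC wallbox (UL40/80A),1.8.32
chg-002,Terra AC PTB,1.8.3
chg-003,Terra AC PTB,1.8.22
chg-004,Terra AC wallbox (UL32A),1.8.10
chg-005,Terra AC Juno CE,
chg-006,Other charger,2.0.0
"""

def parse_version(text):
    """Turn '1.8.21' into (1, 8, 21) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))

def classify(model, firmware):
    """Return 'affected', 'above-affected-range', or 'unknown' for one row."""
    limit = AFFECTED_THROUGH.get((model or "").strip())
    if limit is None:
        return "unknown"  # model not named in the advisory
    try:
        version = parse_version(firmware or "")
    except ValueError:
        return "unknown"  # missing or unparseable firmware: review by hand
    if version <= parse_version(limit):
        return "affected"
    return "above-affected-range"

def triage(inventory_csv):
    """Map asset_id -> status for every row of a CSV inventory."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["asset_id"]: classify(r["model"], r["firmware"]) for r in rows}

if __name__ == "__main__":
    for asset, status in triage(SAMPLE_INVENTORY).items():
        print(f"{asset}: {status}")
```

Rows chg-002 and chg-004 show why the comparison must be numeric: a plain string comparison would rank 1.8.3 above 1.8.21 and 1.8.10 below 1.8.2, misclassifying both.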
Affected Countries
Germany, France, Netherlands, Norway, Sweden, United Kingdom, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: ABB
- Date Reserved: 2025-06-03T08:51:33.612Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68f6838cb7571ea2b17f2afb
Added to database: 10/20/2025, 6:46:36 PM
Last enriched: 10/20/2025, 7:01:37 PM
Last updated: 10/20/2025, 9:47:16 PM