CVE-2023-0863 in Terra AC
Summary
by MITRE • 05/17/2023
Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 05/17/2023
The vulnerability identified as CVE-2023-0863 represents a critical improper authentication flaw within ABB Terra AC wallbox series devices, affecting multiple variants including UL40/80A, UL32A, and various CE-certified models. This authentication weakness stems from inadequate verification mechanisms that allow unauthorized entities to bypass legitimate user authentication processes. The affected devices operate across different regulatory standards including UL and CE certifications, indicating the vulnerability spans across multiple regional compliance frameworks. The vulnerability impacts firmware versions ranging from 1.0.0 through 1.6.5 for most variants, with some specific models like Terra AC PTB having a slightly earlier end version of 1.5.25. This authentication failure creates a significant security risk for electric vehicle charging infrastructure, as it could enable malicious actors to gain unauthorized access to charging sessions and potentially manipulate charging parameters.
The technical implementation of this vulnerability manifests through insufficient credential validation mechanisms within the wallbox's authentication framework. Attackers can exploit this weakness to perform unauthorized access to charging sessions, potentially leading to unauthorized charging activities, billing manipulation, or even physical security compromise of the charging infrastructure. The flaw likely resides in the device's communication protocols where authentication tokens or credentials are either not properly validated, not adequately secured during transmission, or where session management fails to properly enforce access controls. This vulnerability aligns with CWE-287, which addresses improper authentication issues, and represents a direct violation of the principle of least privilege in security design. The authentication mechanism fails to properly verify user credentials, potentially allowing attackers to impersonate legitimate users or system administrators.
The operational impact of this vulnerability extends beyond simple unauthorized access to encompass potential financial loss, safety risks, and infrastructure compromise. In electric vehicle charging environments, unauthorized access could lead to fraudulent charging sessions, where attackers consume electricity without proper payment authorization. The vulnerability may also enable attackers to manipulate charging parameters, potentially causing overheating, electrical damage, or safety hazards. Given that these wallboxes are deployed in commercial and residential settings, the compromise could result in significant financial losses for both facility operators and utility companies. The vulnerability affects multiple models across different certification standards, suggesting a systemic issue within the firmware development process that requires immediate remediation across the entire product line.
Mitigation strategies for this vulnerability must address both immediate operational concerns and long-term security architecture improvements. Immediate actions should include firmware updates from ABB to patch the authentication mechanisms, along with network segmentation to isolate charging infrastructure from critical operational systems. Security controls should implement robust credential management including strong password policies, multi-factor authentication where possible, and proper session timeout mechanisms. Organizations should conduct comprehensive vulnerability assessments of their charging infrastructure to identify potential exploitation vectors and implement network monitoring to detect unauthorized access attempts. The remediation process should follow industry best practices for firmware security and include secure boot mechanisms, encrypted communication channels, and proper access control lists. Additionally, regular security audits and penetration testing should be conducted to ensure ongoing protection against similar authentication-related vulnerabilities that may emerge in the charging infrastructure ecosystem.