// For flags

CVE-2023-0863

Authentication to access the AC wallbox via its Bluetooth Low Energy (BLE) channel can be bypassed,

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.

*Credits: ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements.
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-02-16 CVE Reserved
  • 2023-05-17 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-10-27 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Abb
Search vendor "Abb"
Terra Ac Wallbox Ul40 Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ul40 Firmware"
>= 1.0.0 < 1.5.6
Search vendor "Abb" for product "Terra Ac Wallbox Ul40 Firmware" and version " >= 1.0.0 < 1.5.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ul40
Search vendor "Abb" for product "Terra Ac Wallbox Ul40"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox 80a Firmware
Search vendor "Abb" for product "Terra Ac Wallbox 80a Firmware"
>= 1.0.0 < 1.5.6
Search vendor "Abb" for product "Terra Ac Wallbox 80a Firmware" and version " >= 1.0.0 < 1.5.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox 80a
Search vendor "Abb" for product "Terra Ac Wallbox 80a"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Ul32a Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ul32a Firmware"
>= 1.0.0 < 1.6.6
Search vendor "Abb" for product "Terra Ac Wallbox Ul32a Firmware" and version " >= 1.0.0 < 1.6.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ul32a
Search vendor "Abb" for product "Terra Ac Wallbox Ul32a"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Jp Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Jp Firmware"
>= 1.0.0 < 1.6.6
Search vendor "Abb" for product "Terra Ac Wallbox Jp Firmware" and version " >= 1.0.0 < 1.6.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Jp
Search vendor "Abb" for product "Terra Ac Wallbox Jp"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Mid Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ce Mid Firmware"
>= 1.0.0 < 1.6.6
Search vendor "Abb" for product "Terra Ac Wallbox Ce Mid Firmware" and version " >= 1.0.0 < 1.6.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Mid
Search vendor "Abb" for product "Terra Ac Wallbox Ce Mid"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Juno Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ce Juno Firmware"
>= 1.0.0 < 1.6.6
Search vendor "Abb" for product "Terra Ac Wallbox Ce Juno Firmware" and version " >= 1.0.0 < 1.6.6"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Juno
Search vendor "Abb" for product "Terra Ac Wallbox Ce Juno"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Ptb Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ce Ptb Firmware"
>= 1.0.0 < 1.5.26
Search vendor "Abb" for product "Terra Ac Wallbox Ce Ptb Firmware" and version " >= 1.0.0 < 1.5.26"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Ptb
Search vendor "Abb" for product "Terra Ac Wallbox Ce Ptb"
--
Safe
Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Symbiosis Firmware
Search vendor "Abb" for product "Terra Ac Wallbox Ce Symbiosis Firmware"
>= 1.0.0 < 1.2.8
Search vendor "Abb" for product "Terra Ac Wallbox Ce Symbiosis Firmware" and version " >= 1.0.0 < 1.2.8"
-
Affected
in Abb
Search vendor "Abb"
Terra Ac Wallbox Ce Symbiosis
Search vendor "Abb" for product "Terra Ac Wallbox Ce Symbiosis"
--
Safe