Authentication to access the AC wallbox via its Bluetooth Low Energy (BLE) channel can be bypassed,

Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

认证机制不恰当

ABB Terra AC wallbox 授权问题漏洞

ABB Terra AC wallbox是ABB公司的卓越的 EV 家用充电器，提供高价值的品质、面向未来的灵活性以及先进的安全和保护。 ABB Terra AC wallbox 存在安全漏洞，该漏洞源于身份验证不正确。以下产品及版本受到影响：Terra AC wallbox (UL40/80A 1.0.0版本至1.5.5版本、Terra AC wallbox (UL32A) 1.0.0版本至1.6.5版本、Terra AC wallbox (CE) (Terra AC MID) 1.0.0版本至1.6.

N/A

N/A