CVE-2023-0863

Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ul40_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ul40:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_80a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_80a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ul32a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ul32a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_jp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_jp:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ce_mid_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ce_mid:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ce_juno_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ce_juno:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ce_ptb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ce_ptb:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:abb:terra_ac_wallbox_ce_symbiosis_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:terra_ac_wallbox_ce_symbiosis:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:37

Type	Values Removed	Values Added
References	~~() https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch - Vendor Advisory~~	() https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch - Vendor Advisory

Information

Published : 2023-05-17 08:15

Updated : 2024-11-21 07:37

NVD link : CVE-2023-0863

Mitre link : CVE-2023-0863

CVE.ORG link : CVE-2023-0863

JSON object : View

Products Affected

abb

terra_ac_wallbox_ul40_firmware
terra_ac_wallbox_ce_symbiosis_firmware
terra_ac_wallbox_ul40
terra_ac_wallbox_ce_juno
terra_ac_wallbox_ce_juno_firmware
terra_ac_wallbox_ce_mid
terra_ac_wallbox_jp_firmware
terra_ac_wallbox_ce_symbiosis
terra_ac_wallbox_80a_firmware
terra_ac_wallbox_ul32a_firmware
terra_ac_wallbox_jp
terra_ac_wallbox_80a
terra_ac_wallbox_ce_ptb_firmware
terra_ac_wallbox_ce_ptb
terra_ac_wallbox_ce_mid_firmware
terra_ac_wallbox_ul32a

CWE

CWE-287

Improper Authentication

{"id": "CVE-2023-0863", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-05-17T08:15:08.510", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch", "tags": ["Vendor Advisory"], "source": "cybersecurity@ch.abb.com"}, {"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\n\n"}], "lastModified": "2024-11-21T07:37:59.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ul40_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B685842D-EA64-4A3F-ABF9-F0F1B8F852B0", "versionEndExcluding": "1.5.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ul40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BCC60C7F-468E-491F-9B1F-7F49713E6715"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_80a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD4A0D52-102B-4B87-B62F-E6CF400595FF", "versionEndExcluding": "1.5.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_80a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A13EE7D-F159-4F32-8ECE-16452ABB84D1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ul32a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12ABA7C2-C7B9-4A57-8DD0-8C31E01AAFFB", "versionEndExcluding": "1.6.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ul32a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87F2647E-594F-4AFE-9F1C-26A64C06BBB7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_jp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C177EB89-AECB-43B4-86C4-395C6E09C2FD", "versionEndExcluding": "1.6.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_jp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11149871-3406-4120-B1AF-A507D72E3E98"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_mid_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63F1B597-42D0-4EDF-883B-B91349991A69", "versionEndExcluding": "1.6.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_mid:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1437728-6D9B-4740-B904-BF4B41CD54DB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_juno_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1D1F228-AC66-42A7-88EB-86F7F1C6098B", "versionEndExcluding": "1.6.6", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_juno:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C762F36F-D705-49F7-B8FC-8801F03B6048"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_ptb_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAC89B65-BFE1-4BA9-87F4-D2BA0851012E", "versionEndExcluding": "1.5.26", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_ptb:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF28AFF4-3A99-4523-9DBF-4D7D4401C689"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_symbiosis_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6C630D7-5EE5-4E29-863C-72130F562ABB", "versionEndExcluding": "1.2.8", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_symbiosis:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "40F3A4FB-7933-497B-B85D-73724A9ED60A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cybersecurity@ch.abb.com"}

8.8 /10