CVE-2023-0864 (GCVE-0-2023-0864)

Vulnerability from cvelistv5 – Published: 2023-05-17 07:15 – Updated: 2025-01-22 16:50
VLAI?
Title
Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).
Summary
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.
Severity ?
7.1 (High)
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
  • CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
ABB
References
Impacted products
Vendor Product Version
ABB Terra AC wallbox (UL40/80A) Affected: 1.0;0 , ≤ 1.5.5 (custom)
Create a notification for this product.
Credits
ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:24:34.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-0864",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T16:49:48.531006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-22T16:50:21.453Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (UL40/80A)",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.5.5",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (UL32A) ",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.6.5",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (CE)  (Terra AC MID)",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.6.5",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (CE)  Terra AC Juno CE",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.6.5",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (CE) Terra AC PTB ",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.5.25",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (CE) Symbiosis",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.2.7",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Terra AC wallbox (JP)",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "1.6.5",
              "status": "affected",
              "version": "1.0;0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements."
        }
      ],
      "datePublic": "2023-05-16T18:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).\u003cp\u003eThis issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\u003c/p\u003e"
            }
          ],
          "value": "Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319 Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-17T07:15:52.371Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2023-0864",
    "datePublished": "2023-05-17T07:15:52.371Z",
    "dateReserved": "2023-02-16T13:04:48.837Z",
    "dateUpdated": "2025-01-22T16:50:21.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ul40_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.5.6\", \"matchCriteriaId\": \"B685842D-EA64-4A3F-ABF9-F0F1B8F852B0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ul40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCC60C7F-468E-491F-9B1F-7F49713E6715\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_80a_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.5.6\", \"matchCriteriaId\": \"FD4A0D52-102B-4B87-B62F-E6CF400595FF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_80a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A13EE7D-F159-4F32-8ECE-16452ABB84D1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ul32a_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.6.6\", \"matchCriteriaId\": \"12ABA7C2-C7B9-4A57-8DD0-8C31E01AAFFB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ul32a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87F2647E-594F-4AFE-9F1C-26A64C06BBB7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_jp_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.6.6\", \"matchCriteriaId\": \"C177EB89-AECB-43B4-86C4-395C6E09C2FD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_jp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11149871-3406-4120-B1AF-A507D72E3E98\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ce_mid_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.6.6\", \"matchCriteriaId\": \"63F1B597-42D0-4EDF-883B-B91349991A69\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ce_mid:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1437728-6D9B-4740-B904-BF4B41CD54DB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ce_juno_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.6.6\", \"matchCriteriaId\": \"A1D1F228-AC66-42A7-88EB-86F7F1C6098B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ce_juno:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C762F36F-D705-49F7-B8FC-8801F03B6048\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ce_ptb_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.5.26\", \"matchCriteriaId\": \"DAC89B65-BFE1-4BA9-87F4-D2BA0851012E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ce_ptb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF28AFF4-3A99-4523-9DBF-4D7D4401C689\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:abb:terra_ac_wallbox_ce_symbiosis_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"1.2.8\", \"matchCriteriaId\": \"A6C630D7-5EE5-4E29-863C-72130F562ABB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:abb:terra_ac_wallbox_ce_symbiosis:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40F3A4FB-7933-497B-B85D-73724A9ED60A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\\n\\n\"}]",
      "id": "CVE-2023-0864",
      "lastModified": "2024-11-21T07:37:59.800",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cybersecurity@ch.abb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
      "published": "2023-05-17T08:15:08.610",
      "references": "[{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\", \"source\": \"cybersecurity@ch.abb.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cybersecurity@ch.abb.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cybersecurity@ch.abb.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-319\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-319\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-0864\",\"sourceIdentifier\":\"cybersecurity@ch.abb.com\",\"published\":\"2023-05-17T08:15:08.610\",\"lastModified\":\"2024-11-21T07:37:59.800\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-319\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-319\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ul40_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.5.6\",\"matchCriteriaId\":\"B685842D-EA64-4A3F-ABF9-F0F1B8F852B0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ul40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCC60C7F-468E-491F-9B1F-7F49713E6715\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_80a_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.5.6\",\"matchCriteriaId\":\"FD4A0D52-102B-4B87-B62F-E6CF400595FF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_80a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A13EE7D-F159-4F32-8ECE-16452ABB84D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ul32a_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.6.6\",\"matchCriteriaId\":\"12ABA7C2-C7B9-4A57-8DD0-8C31E01AAFFB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ul32a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87F2647E-594F-4AFE-9F1C-26A64C06BBB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_jp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.6.6\",\"matchCriteriaId\":\"C177EB89-AECB-43B4-86C4-395C6E09C2FD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_jp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11149871-3406-4120-B1AF-A507D72E3E98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ce_mid_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.6.6\",\"matchCriteriaId\":\"63F1B597-42D0-4EDF-883B-B91349991A69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ce_mid:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1437728-6D9B-4740-B904-BF4B41CD54DB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ce_juno_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.6.6\",\"matchCriteriaId\":\"A1D1F228-AC66-42A7-88EB-86F7F1C6098B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ce_juno:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C762F36F-D705-49F7-B8FC-8801F03B6048\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ce_ptb_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.5.26\",\"matchCriteriaId\":\"DAC89B65-BFE1-4BA9-87F4-D2BA0851012E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ce_ptb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF28AFF4-3A99-4523-9DBF-4D7D4401C689\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:terra_ac_wallbox_ce_symbiosis_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.2.8\",\"matchCriteriaId\":\"A6C630D7-5EE5-4E29-863C-72130F562ABB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:terra_ac_wallbox_ce_symbiosis:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F3A4FB-7933-497B-B85D-73724A9ED60A\"}]}]}],\"references\":[{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\",\"source\":\"cybersecurity@ch.abb.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:24:34.668Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-0864\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-22T16:49:48.531006Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-22T16:48:11.841Z\"}}], \"cna\": {\"title\": \"Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"ABB acknowledges and thanks Andi Leach and Puck Meerburg who responsibly disclosed these vulnerabilities and provided valuable input on product improvements. ABB also acknowledges and thanks Lionel R. Saposnik from Saiflow who also responsibly disclosed these vulnerabilities and provided valuable input on product improvements.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (UL40/80A)\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.5.5\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (UL32A) \", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.6.5\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (CE)  (Terra AC MID)\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.6.5\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (CE)  Terra AC Juno CE\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.6.5\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (CE) Terra AC PTB \", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.5.25\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (CE) Symbiosis\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.2.7\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ABB\", \"product\": \"Terra AC wallbox (JP)\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0;0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.6.5\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-05-16T18:30:00.000Z\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).\u003cp\u003eThis issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-319\", \"description\": \"CWE-319 Cleartext Transmission of Sensitive Information\"}]}], \"providerMetadata\": {\"orgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"shortName\": \"ABB\", \"dateUpdated\": \"2023-05-17T07:15:52.371Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-0864\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-22T16:50:21.453Z\", \"dateReserved\": \"2023-02-16T13:04:48.837Z\", \"assignerOrgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"datePublished\": \"2023-05-17T07:15:52.371Z\", \"assignerShortName\": \"ABB\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.