CYBERSIXT Signal Over Noise
www.cisa.gov 5/21/2026, 4:21:24 PM · external

CISA Warn of Flaws in ABB Wallbox Allowing Remote Firmware Hijack

CyberSIXT Evidence Panel
Primary Source github.com
CVE Intel
CVE-2025-10504 - NVD Not in KEV 6.9 MEDIUM Patch Unknown
CVE-2025-12142 - NVD Not in KEV 6.9 MEDIUM Patch Unknown
CVE-2025-12143 - NVD Not in KEV 6.9 MEDIUM Patch Unknown
CISA KEV Not in KEV
Patch Patch Status Unknown

THE advisory from CISA (ICSA-26-141-05) dated May 21, 2026, addresses vulnerabilities in the ABB Terra AC Wallbox (version <= 1.8.33). Exploitation could lead to remote control of the device by polluting heap memory and altering firmware. Specific vulnerabilities include CVE-2025-10504, CVE-2025-12142, and CVE-2025-12143, each with a CVSS score of 6.1, indicating medium severity. Affected users are urged to update to version 1.8.36 to mitigate these risks. CISA recommends securing control systems by minimizing internet exposure and using firewalls and VPNs.

View Primary Source Via www.cisa.gov

Article by CyberSIXT