[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fobDuDySzgl7AEAhyu1K0gLVEg_-2I2qPQO5q_yPa1AM":3},{"lesson":4},{"id":5,"slug":6,"article_id":7,"title":8,"body":9,"prevention":10,"framework_refs":11,"status":17,"created_at":18,"published_at":19,"article":20,"tags":23},"850388e7-0c81-4fe1-8cf9-861a3c7aebda","memory-corruption-vulnerabilities-in-abb-ev-charging-infrastructure","1fac00c0-edc1-4e72-9c90-6a663ffd88b4","Memory Corruption Vulnerabilities in ABB EV Charging Infrastructure","ABB Terra AC Wallbox chargers contain three critical memory corruption vulnerabilities that allow attackers to pollute heap, BSS, and stack memory through malformed Bluetooth messages, potentially enabling remote firmware modification. These vulnerabilities affect widely deployed electric vehicle charging infrastructure, representing a significant risk to critical energy systems. While exploitation requires prior Bluetooth hijacking due to encrypted communication, successful attacks could compromise charging station functionality and potentially impact power grid stability. The incident highlights the importance of proactive vulnerability management and rapid patching for IoT devices in critical infrastructure.","**Immediate actions:**\n- Update all ABB Terra AC Wallbox systems to version 1.8.36 or later immediately\n- Conduct vulnerability scans on all IoT and industrial control systems to identify similar risks\n- Disable Bluetooth functionality on charging stations where not operationally required\n\n**Long-term improvements:**\n- Implement automated patch management systems for critical infrastructure devices\n- Establish regular security assessments for all connected industrial equipment\n- Create network segmentation to isolate charging infrastructure from corporate networks\n\n**Monitoring measures:**\n- Deploy network monitoring to detect unusual Bluetooth communication patterns\n- Implement integrity monitoring for firmware on critical infrastructure devices",[12,13,14,15,16],"CIS Control 7","NIST SP 800-40","NIST SP 800-82","IEC 62443-3-3","ISO 27001 A.12.6.1","published","2026-05-22T05:31:33.535502+00:00","2026-05-22T05:31:33.43+00:00",{"id":7,"url":21,"title":22},"https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-141-05","ABB Terra AC Wallbox",[24,30],{"id":25,"name":26,"slug":27,"description":28,"color":29},"05757c8d-6b93-4194-b35d-7359e7d33b0e","Vulnerability Management","vulnerability-management","Missing scans, no risk prioritization","#fb923c",{"id":31,"name":32,"slug":33,"description":34,"color":35},"af7fce9e-1ce8-4156-93bc-09dcfbfdf29d","Patch Management","patch-management","Unpatched vulnerabilities, delayed updates","#ef4444"]