CVE-2023-0864 Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).

🗓️ 17 May 2023 07:15:52Reported by ABBType

Cleartext transmission of sensitive information vulnerability in ABB Terra AC wallbox via Bluetooth Low Energy (BLE

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the microprogramming software of ABB Terra AC wallboxes—UL40, Terra AC wallbox 80A, Terra AC wallbox UL32A, Terra AC wallbox CE MID, Terra AC wallbox CE Juno, Terra AC wallbox CE PTB, Terra AC wallbox CE Symbiosis, and Terra AC wallbox JP—is related to the transmission of data in an open manner. This allows a intruder to access the configuration data.	16 Jun 202300:00	–	bdu_fstec
Circl	CVE-2023-0864	17 May 202312:31	–	circl
CNNVD	ABB Terra AC wallbox 安全漏洞	17 May 202300:00	–	cnnvd
CVE	CVE-2023-0864	17 May 202307:15	–	cve
EUVD	EUVD-2023-12861	3 Oct 202520:07	–	euvd
NVD	CVE-2023-0864	17 May 202308:15	–	nvd
OSV	CVE-2023-0864	17 May 202308:15	–	osv
Prion	Design/Logic Flaw	17 May 202308:15	–	prion
Positive Technologies	PT-2023-3091 · Abb · Abb Terra Ac Wallbox	17 May 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-0864 Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).	17 May 202307:15	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (UL40/80A)",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.5.5",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (UL32A) ",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.6.5",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (CE)  (Terra AC MID)",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.6.5",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (CE)  Terra AC Juno CE",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.6.5",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (CE) Terra AC PTB ",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.5.25",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (CE) Symbiosis",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.2.7",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Terra AC wallbox (JP)",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "1.6.5",
        "status": "affected",
        "version": "1.0;0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx

17 May 2023 07:15Current

7.1High risk

Vulners AI Score7.1

CVSS 3.17.1

EPSS0.00156

CWE-319