CVE-2022-26131

Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals...

CVE-2022-25922

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-25922

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

Design/Logic Flaw

Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals...

Authorization

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-26131

CVE-2022-26131 affects Power Line Communications PLC4TRUCKS J2497 (PLC) trailer receivers. Technical details in connected docs show Improper Protection against Electromagnetic Fault Injection (CWE-1319) with a CVSSv3 base score of 9.3, and related Missing Authentication for Critical Function (CWE...

CVE-2022-25922 ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-25922

CVE-2022-25922 affects the Power Line Communications PLC4TRUCKS J2497 trailer brake controllers, where diagnostic functions can be invoked by replaying J2497 messages due to missing authentication/authorization for critical functions. This allows a remote attacker on the network/vehicle bus to tr...

Trailer Power Line Communications 访问控制错误漏洞

Trailer Power Line Communications is a bi-directional serial communication link on vehicle power lines from Transportation Systems Sector. An access control error vulnerability exists in Trailer Power Line Communications PLC J2497, which can be exploited by an attacker to invoke the device's brak...

Trailer Power Line Communications (PLC) J2497

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Equipment: Power Line Communications PLC: J2497 a.k.a. PLC4TRUCKS Vulnerabilities: Missing Authentication for Critical Function, Improper Protection against Electromagnetic Fault Injection 2. RISK EVALUATION...