CVE-2022-26131

Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals...

CVE-2022-25922

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

Design/Logic Flaw

Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals...

Authorization

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-26131

CVE-2022-26131 affects Power Line Communications PLC4TRUCKS J2497 (PLC) trailer receivers. Technical details in connected docs show Improper Protection against Electromagnetic Fault Injection (CWE-1319) with a CVSSv3 base score of 9.3, and related Missing Authentication for Critical Function (CWE...

CVE-2022-25922 ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions...

CVE-2022-25922

CVE-2022-25922 affects the Power Line Communications PLC4TRUCKS J2497 trailer brake controllers, where diagnostic functions can be invoked by replaying J2497 messages due to missing authentication/authorization for critical functions. This allows a remote attacker on the network/vehicle bus to tr...

Trailer Power Line Communications

1. EXECUTIVE SUMMARY CVSS v3 4.3 Vendor: Multiple Trailer and Brake Manufacturers Equipment: Power Line Communications Bus / PLC4TRUCKS / J2497 Vulnerability: Exposure of Sensitive Information Through Sent Data 2. RISK EVALUATION The National Motor Freight Traffic Association NMFTA and Assured...