CVE-2022-26131 (GCVE-0-2022-26131)
Vulnerability from cvelistv5
Published: 2022-03-07 15:28
Modified: 2025-04-16 16:43
Summary
Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.
References
URL | Tags
---|---
https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01 | x_refsource_CONFIRM
Impacted products
Vendor | Product | Version
---|---|---
Power Line Communications | PLC4TRUCKS | J2497
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:56:37.802Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-26131", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-16T15:55:58.140125Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-16T16:43:51.973Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "PLC4TRUCKS", "vendor": "Power Line Communications", "versions": [ { "status": "affected", "version": "J2497 " } ] } ], "credits": [ { "lang": "en", "value": "National Motor Freight Traffic Association, Inc. (NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA." } ], "descriptions": [ { "lang": "en", "value": "Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1319", "description": "CWE-1319", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-07T15:28:28.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01" } ], "source": { "discovery": "UNKNOWN" }, "title": "ICSA-22-063-01 Improper Protection against Electromagnetic Fault Injection in Trailer Power Line Communications (PLC) J2497", "workarounds": [ { "lang": "en", "value": "The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \n\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\nInstall a LAMP ON firewall for each ECU\nUse a LAMP detect circuit LAMP ON sender with each trailer\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. 
\nInstall RF chokes on each trailer between chassis ground and wiring ground\nLoad with LAMP keyhole signal on each tractor\nFlood with jamming signal on each tractor\nPlease see the publication from the NMFTA for additional details on these and other solutions." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2022-26131", "STATE": "PUBLIC", "TITLE": "ICSA-22-063-01 Improper Protection against Electromagnetic Fault Injection in Trailer Power Line Communications (PLC) J2497" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PLC4TRUCKS", "version": { "version_data": [ { "version_affected": "=", "version_value": "J2497 " } ] } } ] }, "vendor_name": "Power Line Communications" } ] } }, "credit": [ { "lang": "eng", "value": "National Motor Freight Traffic Association, Inc. (NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-1319" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01" } ] }, "source": { "discovery": "UNKNOWN" }, "work_around": [ { "lang": "en", "value": "The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \n\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\nInstall a LAMP ON firewall for each ECU\nUse a LAMP detect circuit LAMP ON sender with each trailer\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. \nInstall RF chokes on each trailer between chassis ground and wiring ground\nLoad with LAMP keyhole signal on each tractor\nFlood with jamming signal on each tractor\nPlease see the publication from the NMFTA for additional details on these and other solutions." 
} ] } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-26131", "datePublished": "2022-03-07T15:28:28.000Z", "dateReserved": "2022-03-01T00:00:00.000Z", "dateUpdated": "2025-04-16T16:43:51.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-26131\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-03-10T17:47:32.123\",\"lastModified\":\"2024-11-21T06:53:29.633\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.\"},{\"lang\":\"es\",\"value\":\"Los receptores de remolque PLC4TRUCKS J2497 de Power Line Communications son susceptibles de recibir se\u00f1ales remotas inducidas por RF\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"t
ype\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1319\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hegemonelectronics:plc4trucks_firmware:j2497:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"774D3BA3-3A55-4B22-AA73-1D00E77459C0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hegemonelectronics:plc4trucks:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2D5DA42-3968-479B-821F-539E853F5178\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", 
\"dateUpdated\": \"2024-08-03T04:56:37.802Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-26131\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T15:55:58.140125Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T15:56:02.328Z\"}}], \"cna\": {\"title\": \"ICSA-22-063-01 Improper Protection against Electromagnetic Fault Injection in Trailer Power Line Communications (PLC) J2497\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"National Motor Freight Traffic Association, Inc. (NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Power Line Communications\", \"product\": \"PLC4TRUCKS\", \"versions\": [{\"status\": \"affected\", \"version\": \"J2497 \"}]}], \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. 
For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \\n\\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\\nInstall a LAMP ON firewall for each ECU\\nUse a LAMP detect circuit LAMP ON sender with each trailer\\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. \\nInstall RF chokes on each trailer between chassis ground and wiring ground\\nLoad with LAMP keyhole signal on each tractor\\nFlood with jamming signal on each tractor\\nPlease see the publication from the NMFTA for additional details on these and other solutions.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1319\", \"description\": \"CWE-1319\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-03-07T15:28:28.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"National Motor Freight Traffic Association, Inc. 
(NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA.\"}], \"impact\": {\"cvss\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"J2497 \", \"version_affected\": \"=\"}]}, \"product_name\": \"PLC4TRUCKS\"}]}, \"vendor_name\": \"Power Line Communications\"}]}}, \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-1319\"}]}]}, \"work_around\": [{\"lang\": \"en\", \"value\": \"The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. 
For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \\n\\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\\nInstall a LAMP ON firewall for each ECU\\nUse a LAMP detect circuit LAMP ON sender with each trailer\\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. \\nInstall RF chokes on each trailer between chassis ground and wiring ground\\nLoad with LAMP keyhole signal on each tractor\\nFlood with jamming signal on each tractor\\nPlease see the publication from the NMFTA for additional details on these and other solutions.\"}], \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-26131\", \"STATE\": \"PUBLIC\", \"TITLE\": \"ICSA-22-063-01 Improper Protection against Electromagnetic Fault Injection in Trailer Power Line Communications (PLC) J2497\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\"}}}}", "cveMetadata": "{\"cveId\": \"CVE-2022-26131\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T16:43:51.973Z\", \"dateReserved\": \"2022-03-01T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-03-07T15:28:28.000Z\", \"assignerShortName\": \"icscert\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }