github - ghsa-6rhm-r8wq-wgm6

ghsa-6rhm-r8wq-wgm6

Vulnerability from github

Published

2022-03-11 00:02

Modified

2022-03-20 00:00

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-25922"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-10T17:47:00Z",
    "severity": "CRITICAL"
  },
  "details": "Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.",
  "id": "GHSA-6rhm-r8wq-wgm6",
  "modified": "2022-03-20T00:00:37Z",
  "published": "2022-03-11T00:02:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25922"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-25922 (GCVE-0-2022-25922)

Vulnerability from cvelistv5

Published

2022-03-07 15:28

Modified

2025-04-16 16:43

Severity ?

6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-306

Summary

Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.

References

►

URL

Tags

https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Power Line Communications	PLC4TRUCKS	Version: J2497

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:44.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25922",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:56:06.000143Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:43:59.855Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PLC4TRUCKS",
          "vendor": "Power Line Communications",
          "versions": [
            {
              "status": "affected",
              "version": "J2497 "
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "National Motor Freight Traffic Association, Inc. (NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-07T15:28:22.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497",
      "workarounds": [
        {
          "lang": "en",
          "value": "The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \n\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\nInstall a LAMP ON firewall for each ECU\nUse a LAMP detect circuit LAMP ON sender with each trailer\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. \nInstall RF chokes on each trailer between chassis ground and wiring ground\nLoad with LAMP keyhole signal on each tractor\nFlood with jamming signal on each tractor\nPlease see the publication from the NMFTA for additional details on these and other solutions."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2022-25922",
          "STATE": "PUBLIC",
          "TITLE": "ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PLC4TRUCKS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "J2497 "
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Power Line Communications"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "National Motor Freight Traffic Association, Inc. (NMFTA) researcher Ben Gardiner, NMFTA motor freight carrier members, and Assured Information Security researchers Chris Poore, Dan Salloum, and Eric Thayer reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01",
              "refsource": "CONFIRM",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "The vulnerable technology, J2497, has been fielded since 2001 and the service lifetime of trailers is 15 to 30 years. For new equipment, the industry should consider dropping all J2497 features except for backwards-compatibility with LAMP ON detection only. For trailer equipment this means migrating all diagnostics to whatever newer trailer buses are established as the norm. For tractor equipment this means removing support for reception of any J2497 message other than LAMP messages and protecting the backwards-compatible trailers from attack. \n\nNMFTA has published detailed information about how to mitigate these issues in the following ways:\nInstall a LAMP ON firewall for each ECU\nUse a LAMP detect circuit LAMP ON sender with each trailer\nChange addresses dynamically on each tractor in response to detecting a transmitter on its current address. \nInstall RF chokes on each trailer between chassis ground and wiring ground\nLoad with LAMP keyhole signal on each tractor\nFlood with jamming signal on each tractor\nPlease see the publication from the NMFTA for additional details on these and other solutions."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-25922",
    "datePublished": "2022-03-07T15:28:22.000Z",
    "dateReserved": "2022-03-01T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:43:59.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.