Main Vulnerability Database Vulnerabilities #VU61040

#VU61040 Improper Protection against Electromagnetic Fault Injection in J2497 - CVE-2022-26131

Published: March 7, 2022

Vulnerability identifier: #VU61040

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-26131

CWE-ID: CWE-1319

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
J2497

Software vendor:
SAE International

Description

The vulnerability allows a remote attacker on the local network to compromise the system.

The vulnerability exists due to the trailer power line communications J2497 (PLC4TRUCKS) receivers are susceptible to remote RF induced signals.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.