Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497
Vulnerability Description
Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Trailer Power Line Communications 访问控制错误漏洞
Vulnerability Description
Trailer Power Line Communications是Transportation Systems Sector的车辆电源线上的双向串行通信链路。 Trailer Power Line Communications (PLC) J2497存在访问控制错误漏洞,攻击者可利用该漏洞通过重播J2497消息调用设备的制动控制器执行诊断功能。
CVSS Information
N/A
Vulnerability Type
N/A