{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T18:32:38.771","vulnerabilities":[{"cve":{"id":"CVE-2022-25922","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-03-10T17:47:27.927","lastModified":"2026-06-17T04:34:29.857","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Power Line Communications PLC4TRUCKS J2497 trailer brake controllers implement diagnostic functions which can be invoked by replaying J2497 messages. There is no authentication or authorization for these functions."},{"lang":"es","value":"Los controladores de freno de remolque PLC4TRUCKS J2497 de Power Line Communications implementan funciones de diagnóstico que pueden ser invocadas mediante la reproducción de mensajes J2497. No se presenta autenticación ni autorización para estas funciones"}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Power Line Communications","product":"PLC4TRUCKS","versions":[{"version":"J2497 ","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-16T15:56:06.000143Z","id":"CVE-2022-25922","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hegemonelectronics:plc4trucks_firmware:j2497:*:*:*:*:*:*:*","matchCriteriaId":"774D3BA3-3A55-4B22-AA73-1D00E77459C0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hegemonelectronics:plc4trucks:-:*:*:*:*:*:*:*","matchCriteriaId":"E2D5DA42-3968-479B-821F-539E853F5178"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-063-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}