Security Advisory

CVE-2025-12357

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-31 15:33:48

Last updated 2026-03-18 20:07:29

Assigner icscert

State PUBLISHED

Description

By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed measurements, an attacker can stage a man-in-the-middle attack between an electric vehicle and chargers that comply with the ISO 15118-2 part. This vulnerability may be exploitable wirelessly, within close proximity, via electromagnetic induction.

← Browse all CVEs View on cve.org ↗