CVE-2024-12054

Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
13/02/2025
Last modified:
13/02/2025

Description

ZF Roll Stability Support Plus (RSSPlus) <br /> is vulnerable to an authentication bypass vulnerability targeting <br /> deterministic RSSPlus SecurityAccess service seeds, which may allow an <br /> attacker to remotely (proximal/adjacent with RF equipment or via pivot <br /> from J2497 telematics devices) call diagnostic functions intended for <br /> workshop or repair scenarios. This can impact system availability, <br /> potentially degrading performance or erasing software, however the <br /> vehicle remains in a safe vehicle state.