{"uuid": "c96a7377-f10f-481e-8295-c15d34a83d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4408", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12054\n\ud83d\udd25 CVSS Score: 5.4 (CVSS_V3)\n\ud83d\udd39 Description: ZF Roll Stability Support Plus (RSSPlus) \nis vulnerable to an authentication bypass vulnerability targeting \ndeterministic RSSPlus SecurityAccess service seeds, which may allow an \nattacker to remotely (proximal/adjacent with RF equipment or via pivot \nfrom J2497 telematics devices) call diagnostic functions intended for \nworkshop or repair scenarios. This can impact system availability, \npotentially degrading performance or erasing software, however the \nvehicle remains in a safe vehicle state.\n\ud83d\udccf Published: 2025-02-14T00:30:44Z\n\ud83d\udccf Modified: 2025-02-14T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12054\n2. https://nmfta.org/wp-content/media/2022/11/Actionable_Mitigations_Options_v9_DIST.pdf\n3. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "creation_timestamp": "2025-02-14T01:17:06.000000Z"}