International Standards Organization ISO 15118-2

Source: All CISA Advisories | Added:

The article discusses a vulnerability in the ISO 15118-2 standard, specifically related to improper restriction of communication channels, which could allow for man-in-the-middle attacks between electric vehicles and chargers. The vulnerability, identified as CVE-2025-12357, has a CVSS v4 score of 7.2 and is exploitable wirelessly in close proximity.

---

Impact: ISO 15118-2 compliant EV car chargers

In the Wild: No

Age: Newly disclosed

Remediation: Use TLS for all communications as recommended in ISO 15118-20, implement certificate chaining, and minimize network exposure for control systems.

Read Full Original Article →