ZF Roll Stability Support Plus (RSSPlus)

Risk Summary

Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely (proximal/adjacent with RF equipment) call diagnostic functions which could impact both the availability and integrity.

CVEs (1)

Remediations

• To most effectively mitigate general vulnerabilities of the powerline communication in trucks, trailers and tractors utilizing J2497 technology should disable all features where possible, except for backwards-compatibility with LAMP ON detection only. Users acquiring new trailer equipment should migrate all diagnostics to newer trailer bus technology. Users acquiring new tractor equipment should remove support for reception of any J2497 message other than LAMP messages.
• Moving away from security access and implementing the latest security feature authenticate (0x29)
• Ensure random numbers are generated from a cryptographically secure hardware true random number generator
• Adopting modern standards/protocols for truck trailer communication
• NMFTA has published detailed information about how to mitigate these issues in the following ways:
• Install a LAMP ON firewall for each ECU
• Use a LAMP detect circuit LAMP ON sender with each trailer
• Change addresses dynamically on each tractor in response to detecting a transmitter on its current address.
• Install RF chokes on each trailer between chassis ground and wiring ground
• Load with LAMP keyhole signal on each tractor
• Flood with jamming signal on each tractor
• Please visit NMFTA for additional details on these and other solutions.

Affected Vendors

Affected Products (1)

Affected Sectors

Transportation Systems