{"vulnerability": "CVE-2024-12054", "sightings": [{"uuid": "4c0920fb-8c95-4dbd-ab0f-33d502595a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "content": "", "creation_timestamp": "2025-01-21T11:00:00.000000Z"}, {"uuid": "b8422e5d-fb2e-40e2-81b4-e5b30012c79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3sydrc6b2g", "content": "", "creation_timestamp": "2025-02-13T23:15:42.219427Z"}, {"uuid": "91b7413a-ddcd-49e5-ba3e-1eb60a1d3fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li3xgdh7gv2a", "content": "", "creation_timestamp": "2025-02-14T00:35:09.089611Z"}, {"uuid": "1bc39afc-0f14-4fa2-85d4-771a74f25945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12054\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T23:15:09.823\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://nmfta.org/wp-content/media/2022/11/Actionable_Mitigations_Options_v9_DIST.pdf\n2. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "creation_timestamp": "2025-02-14T01:11:13.000000Z"}, {"uuid": "c96a7377-f10f-481e-8295-c15d34a83d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4408", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12054\n\ud83d\udd25 CVSS Score: 5.4 (CVSS_V3)\n\ud83d\udd39 Description: ZF Roll Stability Support Plus (RSSPlus) \nis vulnerable to an authentication bypass vulnerability targeting \ndeterministic RSSPlus SecurityAccess service seeds, which may allow an \nattacker to remotely (proximal/adjacent with RF equipment or via pivot \nfrom J2497 telematics devices) call diagnostic functions intended for \nworkshop or repair scenarios. This can impact system availability, \npotentially degrading performance or erasing software, however the \nvehicle remains in a safe vehicle state.\n\ud83d\udccf Published: 2025-02-14T00:30:44Z\n\ud83d\udccf Modified: 2025-02-14T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12054\n2. https://nmfta.org/wp-content/media/2022/11/Actionable_Mitigations_Options_v9_DIST.pdf\n3. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "creation_timestamp": "2025-02-14T01:17:06.000000Z"}, {"uuid": "12dd409f-797f-42ca-a479-74457f0d6681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/cvedetector/18062", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12054 - ZF Roll Stability Support Plus (RSSPlus) Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12054 \nPublished : Feb. 13, 2025, 11:15 p.m. | 33\u00a0minutes ago \nDescription : ZF Roll Stability Support Plus (RSSPlus)   \nis vulnerable to an authentication bypass vulnerability targeting   \ndeterministic RSSPlus SecurityAccess service seeds, which may allow an   \nattacker to remotely (proximal/adjacent with RF equipment or via pivot   \nfrom J2497 telematics devices) call diagnostic functions intended for   \nworkshop or repair scenarios. This can impact system availability,   \npotentially degrading performance or erasing software, however the   \nvehicle remains in a safe vehicle state. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T01:32:26.000000Z"}, {"uuid": "f0a7ef7d-0468-470f-87ea-127b03f0caa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "Telegram/Vz13zTwm0TEGry8Mk8nOD5Bdc_tHpYiS9RQAQ7vfvwZR9kt4", "content": "", "creation_timestamp": "2025-02-14T10:09:24.000000Z"}]}