CVE-2025-12357: CWE-923 in ISO 15118-2 Network and Application Protocol Requirements EV Car Chargers
By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed measurements, an attacker can stage a man-in-the-middle attack between an electric vehicle and chargers that comply with ISO 15118-2. This vulnerability may be exploitable wirelessly, within close proximity, via electromagnetic induction.
AI Analysis
Technical Summary
CVE-2025-12357 is a vulnerability identified in the ISO 15118-2 standard, which governs network and application protocol requirements for electric vehicle (EV) charging systems. The vulnerability arises from improper handling of the Signal Level Attenuation Characterization (SLAC) protocol, which is used to establish secure communication channels between EVs and charging stations. An attacker can spoof SLAC measurements to manipulate the protocol, effectively positioning themselves as a man-in-the-middle (MitM) between the EV and the charger. This MitM attack can intercept, alter, or disrupt communications, potentially leading to unauthorized access, data leakage, or denial of service during charging sessions. Notably, the attack vector includes wireless exploitation via electromagnetic induction, requiring only close physical proximity to the target devices. The vulnerability does not require prior authentication or user interaction, increasing its risk profile. The CVSS v3.1 score of 6.3 reflects a medium severity, with low attack complexity and no privileges required. While no public exploits have been reported, the potential for misuse exists given the increasing deployment of ISO 15118-2 compliant EV chargers worldwide. The vulnerability is categorized under CWE-923, which relates to improper control of communication channel security. The lack of available patches at the time of publication underscores the need for proactive mitigation strategies.
Potential Impact
The vulnerability poses significant risks to organizations and individuals relying on ISO 15118-2 compliant EV charging infrastructure. A successful MitM attack could compromise the confidentiality of sensitive data exchanged during charging, such as authentication credentials or billing information. Integrity of the communication can be undermined, allowing attackers to manipulate charging parameters or disrupt the charging process, potentially causing denial of service or damage to the vehicle’s battery management system. Availability may also be affected if attackers interfere with the charging session, leading to operational downtime. For commercial EV charging networks, this could translate into financial losses, reputational damage, and regulatory compliance issues. The wireless nature of the attack, leveraging electromagnetic induction, means that attackers do not need physical access to cables or hardware ports, only close proximity, increasing the attack surface in public or semi-public charging locations. As EV adoption grows globally, the scale and impact of this vulnerability could expand, affecting critical transportation infrastructure and smart grid integrations.
Mitigation Recommendations
To mitigate CVE-2025-12357, organizations should implement the following specific measures:
1) Employ enhanced SLAC protocol validation and anomaly detection to identify and reject spoofed attenuation measurements.
2) Use physical security controls to restrict unauthorized close proximity access to EV charging stations, such as surveillance cameras and access barriers.
3) Deploy firmware and software updates from EV charger manufacturers as they become available, ensuring patches address SLAC protocol weaknesses.
4) Implement network segmentation and monitoring to detect unusual traffic patterns indicative of MitM attacks.
5) Utilize cryptographic protections and mutual authentication mechanisms beyond SLAC to secure communication channels between EVs and chargers.
6) Conduct regular security assessments and penetration testing focused on wireless attack vectors including electromagnetic induction.
7) Educate personnel and users about the risks of close proximity attacks and encourage vigilance around public charging stations.
8) Collaborate with industry groups and standards bodies to accelerate development of protocol enhancements and security best practices.
These targeted actions go beyond generic advice by focusing on the unique wireless and protocol-specific aspects of this vulnerability.
Affected Countries
United States, Germany, China, Japan, South Korea, France, United Kingdom, Netherlands, Canada, Norway, Sweden, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-10-27T16:05:18.413Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6904db52cf9c100c41c3e00e
Added to database: 10/31/2025, 3:52:50 PM
Last enriched: 3/17/2026, 6:15:53 PM
Last updated: 3/23/2026, 9:05:56 AM