
CVE-2025-12357: CWE-923 in ISO 15118-2 Network and Application Protocol Requirements EV Car Chargers

Severity: High
Type: Vulnerability
Tags: CVE-2025-12357, cve, cve-2025-12357, cwe-923
Published: Fri Oct 31 2025 (10/31/2025, 15:33:48 UTC)
Source: CVE Database V5
Vendor/Project: ISO 15118-2 Network and Application Protocol Requirements
Product: EV Car Chargers

Description

By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed measurements, an attacker can stage a man-in-the-middle attack between an electric vehicle and chargers that comply with the ISO 15118-2 part. This vulnerability may be exploitable wirelessly, within close proximity, via electromagnetic induction.

AI-Powered Analysis

Last updated: 10/31/2025, 15:53:09 UTC

Technical Analysis

CVE-2025-12357 is a vulnerability classified under CWE-923 affecting the ISO 15118-2 Network and Application Protocol Requirements for EV car chargers. The weakness lies in the SLAC protocol, which is responsible for establishing secure communication channels between electric vehicles and charging stations. An attacker can spoof SLAC measurements to manipulate the signal attenuation data, thereby positioning themselves as a man-in-the-middle (MitM) between the EV and the charger. This MitM attack can intercept, alter, or disrupt communications, potentially leading to unauthorized data disclosure, manipulation of charging parameters, or denial of service. The attack vector is notable because it can be executed wirelessly via electromagnetic induction within close proximity, meaning physical access to the charging environment is not strictly necessary but close-range presence is required. The vulnerability does not require any privileges or user interaction, increasing its risk profile. The CVSS v3.1 score of 8.3 reflects a high severity, with attack vector classified as adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), low integrity impact (I:L), and high availability impact (A:H). No patches or known exploits are currently available, indicating the need for proactive mitigation. This vulnerability affects all implementations compliant with ISO 15118-2, which is a widely adopted standard in modern EV charging infrastructure.

Potential Impact

For European organizations, this vulnerability poses significant risks due to the continent's rapid adoption of electric vehicles and extensive deployment of ISO 15118-2 compliant charging infrastructure. A successful MitM attack could lead to unauthorized access to sensitive vehicle and user data, manipulation of charging sessions potentially causing financial loss or battery damage, and disruption of charging availability impacting EV fleet operations and public charging services. Critical infrastructure operators, commercial fleet managers, and public charging network providers could face operational disruptions and reputational damage. Furthermore, the wireless nature of the attack vector means attackers could exploit public or semi-public charging stations without direct physical tampering, increasing the threat surface. The confidentiality breach could expose user identities and charging habits, while availability impact could hinder EV adoption efforts and undermine trust in green transportation initiatives.

Mitigation Recommendations

Mitigation should focus on both immediate and long-term measures. In the short term, operators should enforce strict physical security controls around charging stations to limit close proximity access. Network segmentation and monitoring of EV charger communications can help detect anomalous SLAC behavior indicative of spoofing attempts. Firmware and software updates should be prioritized once vendors release patches addressing SLAC protocol validation weaknesses. Implementing additional cryptographic validation and integrity checks on SLAC measurements can reduce spoofing risks. Organizations should collaborate with standards bodies and vendors to accelerate protocol enhancements and share threat intelligence. User awareness campaigns can help inform EV users about potential risks when charging in unsecured or unfamiliar locations. Finally, integrating anomaly detection systems that monitor charging session parameters for irregularities can provide early warning of exploitation attempts.
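
The monitoring recommendation above, as an added example (not part of the original analysis or of any vendor's tooling): a site-side audit that groups observed SLAC messages by run and flags charger-role messages from stations outside the site's inventory. The record format, MAC addresses and inventory are constructed; the message names are those of the HomePlug Green PHY SLAC exchange and do not appear on the page.

```python
from collections import defaultdict

# SLAC management messages that only a charger (EVSE) sends.
EVSE_MESSAGES = {"CM_ATTEN_CHAR.IND", "CM_SLAC_MATCH.CNF"}

# Hypothetical inventory: PLC modem MACs of the chargers installed at this site.
SITE_EVSE_MACS = {"00:11:22:aa:00:01", "00:11:22:aa:00:02"}

# Constructed records (run id, message type, source MAC) from an assumed passive monitor.
CONSTRUCTED_LOG = [
    ("run-01", "CM_SLAC_PARM.REQ", "02:00:00:00:10:01"),
    ("run-01", "CM_ATTEN_CHAR.IND", "00:11:22:AA:00:01"),
    ("run-01", "CM_ATTEN_CHAR.IND", "00:11:22:aa:00:02"),
    ("run-01", "CM_SLAC_MATCH.CNF", "00:11:22:aa:00:01"),
    ("run-02", "CM_SLAC_PARM.REQ", "02:00:00:00:10:02"),
    ("run-02", "CM_ATTEN_CHAR.IND", "00:11:22:aa:00:02"),
    ("run-02", "CM_ATTEN_CHAR.IND", "02:00:00:00:99:99"),
    ("run-02", "CM_SLAC_MATCH.CNF", "02:00:00:00:99:99"),
]

def audit_slac_runs(records, site_evse_macs):
    """Group records by SLAC run and report charger-role anomalies."""
    inventory = {mac.lower() for mac in site_evse_macs}
    runs = defaultdict(lambda: {"responders": set(), "matched": None})
    for run_id, msg_type, src_mac in records:
        if msg_type not in EVSE_MESSAGES:
            continue  # EV-originated messages are not evaluated here
        src = src_mac.lower()
        if msg_type == "CM_ATTEN_CHAR.IND":
            runs[run_id]["responders"].add(src)  # station reported measurements
        else:
            runs[run_id]["matched"] = src        # station confirmed the match
    findings = []
    for run_id, run in sorted(runs.items()):
        # Measurement reports from a station the site does not own.
        for mac in sorted(run["responders"] - inventory):
            findings.append((run_id, "unknown-responder", mac))
        matched = run["matched"]
        if matched and matched not in inventory:
            findings.append((run_id, "matched-unknown-station", matched))
        elif matched and matched not in run["responders"]:
            # Known station confirmed a match without a measurement report on record.
            findings.append((run_id, "match-without-measurement", matched))
    return findings

if __name__ == "__main__":
    for finding in audit_slac_runs(CONSTRUCTED_LOG, SITE_EVSE_MACS):
        print(finding)
```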


Technical Details

Data Version: 5.2
Assigner Short Name: icscert
Date Reserved: 2025-10-27T16:05:18.413Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 6904db52cf9c100c41c3e00e

Added to database: 10/31/2025, 3:52:50 PM

Last enriched: 10/31/2025, 3:53:09 PM

Last updated: 10/31/2025, 7:36:25 PM
