CVE-2025-12357: CWE-923 in ISO 15118-2 Network and Application Protocol Requirements EV Car Chargers
CVE-2025-12357 is a medium-severity vulnerability in the ISO 15118-2 protocol used by electric vehicle (EV) chargers. It involves manipulation of the Signal Level Attenuation Characterization (SLAC) protocol via spoofed measurements, enabling a man-in-the-middle (MitM) attack between an EV and its charger. The attack can be conducted wirelessly within close proximity through electromagnetic induction, without requiring authentication or user interaction. This vulnerability impacts confidentiality, integrity, and availability of the charging communication, potentially allowing attackers to intercept or alter charging commands and data. No known exploits are currently in the wild, and no patches have been published yet. Organizations deploying ISO 15118-2 compliant EV chargers should prioritize mitigation to prevent unauthorized access and data manipulation. Countries with significant EV adoption and infrastructure, such as the United States, Germany, China, Japan, and others, are at higher risk. The vulnerability’s CVSS score is 6.3, reflecting medium severity due to its remote attack vector but limited scope and impact. Defenders should implement network segmentation, monitor for anomalous SLAC traffic, and apply vendor updates once available.
AI Analysis
Technical Summary
CVE-2025-12357 identifies a vulnerability in the ISO 15118-2 standard, which governs network and application protocol requirements for electric vehicle (EV) charging systems. The flaw arises from the ability of an attacker to manipulate the Signal Level Attenuation Characterization (SLAC) protocol, which is used to establish and maintain secure communication channels between EVs and charging stations. By injecting spoofed SLAC measurements, an attacker can perform a man-in-the-middle (MitM) attack, intercepting and potentially altering data exchanged during the charging session. This attack vector is notable because it can be executed wirelessly within close physical proximity, leveraging electromagnetic induction to communicate with the charging system without direct physical connections or prior authentication. The vulnerability is classified under CWE-923, indicating improper use of a communication channel or protocol leading to security weaknesses. The CVSS 3.1 base score of 6.3 reflects a medium severity, with an attack vector requiring adjacent network access (AV:A), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact affects confidentiality, integrity, and availability, but the scope remains unchanged (S:U). Currently, there are no known exploits in the wild, and no patches have been released, highlighting the need for proactive defensive measures. This vulnerability could undermine the trustworthiness of EV charging infrastructure, potentially leading to unauthorized data interception, manipulation of charging parameters, or denial of service conditions.
Potential Impact
The vulnerability poses a significant risk to the confidentiality, integrity, and availability of communications between electric vehicles and charging stations. Successful exploitation could allow attackers to intercept sensitive data such as authentication credentials or billing information, manipulate charging commands to disrupt or alter charging sessions, or cause denial of service by interfering with the communication protocol. This could result in financial losses, operational disruptions, and erosion of user trust in EV infrastructure. Given the increasing adoption of EVs globally and reliance on ISO 15118-2 compliant chargers, the impact could be widespread, affecting individual consumers, fleet operators, and public charging networks. Moreover, the wireless nature of the attack within close proximity raises concerns about physical security and the need for secure environments around charging stations. Although no exploits are currently known, the vulnerability could be leveraged by attackers with physical access to charging areas, including malicious insiders or opportunistic attackers in public spaces. The medium severity score reflects the balance between the attack feasibility and the limited range of impact, but the strategic importance of EV infrastructure elevates the overall risk profile.
Mitigation Recommendations
To mitigate this vulnerability, organizations should implement a multi-layered security approach. First, physical security controls should be enhanced around EV charging stations to limit unauthorized proximity access, including surveillance and access restrictions. Network segmentation should be employed to isolate charging infrastructure from critical enterprise networks, reducing the potential impact of a compromise. Monitoring and anomaly detection systems should be configured to identify unusual SLAC protocol traffic patterns or unexpected signal characteristics indicative of spoofing attempts. Vendors and operators should prioritize firmware and software updates as soon as patches become available, ensuring compliance with the latest security standards. Additionally, implementing cryptographic enhancements or mutual authentication mechanisms at the protocol level could reduce the risk of MitM attacks. Training personnel on the risks associated with EV charging infrastructure and establishing incident response plans specific to these systems will further strengthen defenses. Collaboration with industry groups and standards bodies to accelerate security improvements in ISO 15118-2 implementations is also recommended.
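One way to implement the SLAC monitoring recommended above, as an added example that is not part of the original advisory or any vendor's code: it checks already-decoded SLAC events from a passive capture against a site inventory of charger modems. The message names CM_ATTEN_CHAR.IND and CM_SLAC_MATCH.REQ are from the HomePlug Green PHY SLAC exchange; the event format, MAC addresses, baselines and thresholds are constructed assumptions.

```python
# Added example: passive SLAC monitoring against a site inventory.
# Everything below (event format, MACs, baselines, thresholds) is constructed.

# EVSE PLC modem MAC -> average attenuation (dB) recorded at commissioning.
EVSE_BASELINE_DB = {
    "02:00:00:00:00:01": 18.0,
    "02:00:00:00:00:02": 21.0,
}
TOLERANCE_DB = 6.0  # assumed acceptable drift from the commissioning baseline
FLOOR_DB = 3.0      # assumed lowest value a real cable measurement would give

# Constructed, already-decoded SLAC events (one dict per management message).
SAMPLE_EVENTS = [
    {"run_id": "a1", "msg": "CM_ATTEN_CHAR.IND", "src": "02:00:00:00:00:01", "avg_atten_db": 17.5},
    {"run_id": "a1", "msg": "CM_SLAC_MATCH.REQ", "dst": "02:00:00:00:00:01"},
    {"run_id": "b2", "msg": "CM_ATTEN_CHAR.IND", "src": "02:00:00:00:00:02", "avg_atten_db": 20.0},
    {"run_id": "b2", "msg": "CM_ATTEN_CHAR.IND", "src": "02:00:00:00:00:99", "avg_atten_db": 1.0},
    {"run_id": "b2", "msg": "CM_SLAC_MATCH.REQ", "dst": "02:00:00:00:00:99"},
    {"run_id": "c3", "msg": "CM_ATTEN_CHAR.IND", "src": "02:00:00:00:00:01", "avg_atten_db": 2.0},
]


def find_slac_anomalies(events, baseline=EVSE_BASELINE_DB):
    """Return (run_id, station MAC, reason) for each suspicious SLAC event."""
    findings = []
    for ev in events:
        run = ev["run_id"]
        if ev["msg"] == "CM_ATTEN_CHAR.IND":
            # The station reports the attenuation it measured from the EV's sounds.
            src, atten = ev["src"], ev["avg_atten_db"]
            if src not in baseline:
                findings.append((run, src, "unknown-responder"))
            elif atten < FLOOR_DB or abs(atten - baseline[src]) > TOLERANCE_DB:
                findings.append((run, src, "attenuation-off-baseline"))
        elif ev["msg"] == "CM_SLAC_MATCH.REQ":
            # The EV addresses the match request to the station it selected.
            if ev["dst"] not in baseline:
                findings.append((run, ev["dst"], "matched-unknown-station"))
    return findings


if __name__ == "__main__":
    for finding in find_slac_anomalies(SAMPLE_EVENTS):
        print(finding)
```

A match request addressed to a station outside the inventory is the strongest signal here; the attenuation checks depend on how well the commissioning baseline reflects each connector.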
Affected Countries
United States, Germany, China, Japan, South Korea, France, United Kingdom, Netherlands, Canada, Norway, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-10-27T16:05:18.413Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6904db52cf9c100c41c3e00e
Added to database: 10/31/2025, 3:52:50 PM
Last enriched: 3/25/2026, 1:00:17 AM
Last updated: 5/10/2026, 4:38:23 AM