Security News > 2022 > October > Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys

Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
2022-10-12 10:41

A vulnerability in Siemens Simatic programmable logic controller can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices.

"An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections," industrial cybersecurity company Claroty said in a new report.

The critical vulnerability, assigned the identifier CVE-2022-38465, is rated 9.3 on the CVSS scoring scale and has been addressed by Siemens as part of security updates issued on October 11, 2022.

Doing so would not only permit an attacker to override native code and extract the key, but also obtain full control over every PLC per affected Siemens product line.

CVE-2022-38465 mirrors another severe shortcoming that was identified in Rockwell Automation PLCs last year and which could have enabled an adversary to remotely connect to the controller, and upload malicious code, download information from the PLC, or install new firmware.

The German industrial manufacturing company has also taken the step of encrypting the communications between engineering stations, PLCs and HMI panels with Transport Layer Security in TIA Portal version 17, while warning that the "Likelihood of malicious actors misusing the global private key as increasing."


News URL

https://thehackernews.com/2022/10/critical-bug-in-siemens-simatic-plcs.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-10-11 CVE-2022-38465 Insufficiently Protected Credentials vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
local
low complexity
siemens CWE-522
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Siemens 2073 38 462 996 213 1709