Security News > 2022 > October > Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys

A vulnerability in Siemens Simatic programmable logic controller can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices.

"An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections," industrial cybersecurity company Claroty said in a new report.

The critical vulnerability, assigned the identifier CVE-2022-38465, is rated 9.3 on the CVSS scoring scale and has been addressed by Siemens as part of security updates issued on October 11, 2022.

Doing so would not only permit an attacker to override native code and extract the key, but also obtain full control over every PLC per affected Siemens product line.

CVE-2022-38465 mirrors another severe shortcoming that was identified in Rockwell Automation PLCs last year and which could have enabled an adversary to remotely connect to the controller, and upload malicious code, download information from the PLC, or install new firmware.

The German industrial manufacturing company has also taken the step of encrypting the communications between engineering stations, PLCs and HMI panels with Transport Layer Security in TIA Portal version 17, while warning that the "Likelihood of malicious actors misusing the global private key as increasing."

News URL

https://thehackernews.com/2022/10/critical-bug-in-siemens-simatic-plcs.html