Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)

Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected boot features. These vulnerabilities affect over 120 different models of the Siemens S7-1500 CPU product family. The vulnerable implementation of RoT using a secure cryptographic processor. If the shared cryptographic material is captured, adversaries may use the secure cryptographic processor as an oracle to encrypt and decrypt tampered firmware. Red Balloon … More →

The post …

adversaries boot bypass cpu critical critical vulnerabilities cve devices family features hardware ics may plc processor product red balloon red balloon security scada security series siemens simatic software vulnerabilities vulnerability vulnerability disclosure vulnerable