all InfoSec news
SSA-482757 V1.2 (Last Update: 2023-03-14): Missing Immutable Root of Trust in S7-1500 CPU devices
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.
As exploiting this vulnerability requires physical tampering with the product, Siemens recommends to assess the risk of physical access to the device …
access attacker can code cpu device devices family hardware immutable integrity missing physical physical access product root root of trust ssa trust update