"Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys"

A flaw in the Siemens SIMATIC Programmable Logic Controller (PLC) can be used to retrieve the hard-coded, global private cryptographic keys and seize control of the devices. According to industrial cybersecurity firm Claroty, an attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal while circumventing all four access-level protections. A malicious actor could use this secret information to damage the SIMATIC S7-1200/1500 product line. The critical vulnerability, tracked as CVE-2022-38465, is rated 9.3 on the CVSS scale and was addressed by Siemens as part of security updates released on October 11, 2022. Claroty claimed that it was able to gain read and write access to the controller by exploiting a previously disclosed flaw in Siemens PLCs (CVE-2020-15782), allowing the recovery of the private key. An attacker would not only be able to override native code and extract the key, but would also have complete control over every PLC in the affected Siemens product line. This article continues to discuss the potential exploitation and impact of the critical bug found in Siemens SIMATIC PLCs.

THN reports "Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys"

Submitted by Anonymous on