Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected boot features. These vulnerabilities affect over 120 different models of the Siemens S7-1500 CPU product family. The vulnerable implementation of RoT using a secure cryptographic processor. If the shared cryptographic material is captured, adversaries may use the secure cryptographic processor as an oracle to encrypt and decrypt tampered firmware. Red Balloon … More
The post Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773) appeared first on Help Net Security.
