CISO2CISO.COM & CYBER SECURITY GROUP

Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)

Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected boot features. These vulnerabilities affect over 120 different models of the Siemens S7-1500 CPU product family. The vulnerable implementation of RoT using a secure cryptographic processor. If the shared cryptographic material is captured, adversaries may use the secure cryptographic processor as an oracle to encrypt and decrypt tampered firmware. Red Balloon … More

The post Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773) appeared first on Help Net Security.

Leer másHelp Net Security

Leave a Reply

Your email address will not be published. Required fields are marked *