Exploitation of Siemens global private keys likely to prompt PLC compromise

October 12, 2022

SecurityWeek reports that threat actors could exploit a critical security vulnerability in Siemens programmable logic controllers involving the acquisition of global private keys that could then be leveraged for PLC hacking. The flaw, tracked as CVE-2022-38465, has been identified by Claroty researchers who were able to secure a private key following exploitation of another bug, tracked as CVE-2020-15872, to obtain direct memory access, as well as enable total PLC control and man-in-the-middle attack capabilities. Such findings have been confirmed by Siemens, which noted that the new vulnerability has stemmed from inadequate cryptographic key protections that could prompt attacks against the whole product line with the same private key. "Siemens is not aware of related cybersecurity incidents but considers the likelihood of malicious actors misusing the global private key as increasing," said Siemens, which has already announced fixes for the flaw. While unique passwords and TLS 1.3 communications protections have been implemented by Siemens, the company noted that applying firmware updates alone is insufficient. "In addition, the hardware configuration in the TIA Portal project (V17 or later) must also be updated to the corresponding CPU version and downloaded to the PLC," the company added.

Exploitation of Siemens global private keys likely to prompt PLC compromise

Related

Significant measures needed to curb metaverse’s significant data privacy risk

Retool breach-related cryptocurrency hacks attributed to Google feature

First-ever data broker deletion bill in US passes in California

Related Events

They’re not on your payroll, but you still must secure their data

Modern Identity Governance & Administration for Mid-sized Organizations

The Reckoning: Why traditional MFA is not enough for cyber insurance compliance

Get daily email updates