
Multiple flaws discovered in Siemens PLCs

More than 100 models of Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers were found by Red Balloon Security to contain several architectural flaws that could be leveraged to facilitate device compromise, The Hacker News reports. Threat actors could exploit the vulnerabilities, collectively tracked as CVE-2022-38773, to evade protected boot features and enable persistent arbitrary modification of operating code and data, according to a Red Balloon Security report, which noted that the bugs stem from the absence of asymmetric signature verification for the firmware at bootup. Researchers also noted that modified firmware could be used for persistent malicious code execution without any security warnings. "This discovery has potentially significant implications for industrial environments as these unpatchable hardware root-of-trust vulnerabilities could result in persistent arbitrary modification of S7-1500 operating code and data," researchers added. No patches are being planned for the flaws, but Siemens has called on customers to restrict physical access to vulnerable PLCs.
