CVE-2022-38465: Very critical vulnerability with a CVSS score of 9.3 affects the most popular PLC devices, Siemens SIMATIC S7-1200/1500

Claroty’s Team82 researchers said that they had found the serious vulnerability CVE-2022-38465, which has a CVSS score of 9.3. The problem affects the TIA Portal, the engineering software that connects engineering stations, PLCs, and other devices, as well as the SIMATIC S7-1200 and S7-1500 PLCs made by the company. The flaw enables attackers to acquire “heavily secured, hardcoded, global private cryptographic keys” built into Siemens products, which they can use “to undertake several sophisticated attacks against Siemens SIMATIC equipment and the linked TIA Portal, while evading all four of its access level defenses.”

According to Claroty, a hostile actor might damage the SIMATIC S7-1200/1500 product line “in an irreversible fashion” with this attack.

Siemens has released updates for one of its most well-known PLCs, or programmable logic controllers, the industrial computers extensively used in manufacturing and other industries.

The researchers pointed out that the key material obtained through these attacks could be used by attackers to build further exploitation tools, which might lead to additional attacks and data exfiltration.

The affected design was created roughly ten years ago, and Siemens issued its own advisory about the problem, stating that the devices “secure the built-in global private key in a way that cannot be regarded sufficient any more.” The key is needed to safeguard sensitive configuration data, the company stated. “At the time the design was created, industrial control systems lacked solutions for dynamic key management and key distribution. Key management solutions for integrators and clients need more operational work than necessary,” the company claimed.

To reduce exposure to the problem, Siemens advised customers to upgrade their systems and provided workarounds for systems that cannot be updated immediately.