Vulnerability found in Siemens PLCs

Iner

Member
I
Join Date
Mar 2010
Location
France
Posts
190
Security searchers have found a security flaw with an hardcoded private key.


Basically it affects every S7-1200 and S7-1500 CPU version before Tia Portal V17.


No known cases of use yet but regarding the number of CPUs who carry this flaw, some customer may want to know the problem in some critical industries.



https://duo.com/decipher/hardcoded-private-key-leads-to-full-control-of-some-siemens-plcs


https://www.electropages.com/blog/2...urity-bug-reveals-use-hardcoded-universal-key


Siemens official communication:


https://cert-portal.siemens.com/productcert/html/ssa-568427.html


https://cert-portal.siemens.com/productcert/html/ssb-898115.html
 

Similar Topics

R
Major Vulnerability Found In Schneider Electric Unity Pro
Article: https://threatpost.com/major-vulnerability-found-in-schneider-electric-unity-pro/121550/ From Schneider...
Replies
11
Views
5,143
RheinhardtP
RheinhardtP
J
Rockwell Vulnerability
Here we are on the fools day. Many smart readers here should be aware of these newly discover vulnerabilities...
Replies
3
Views
1,982
L33er
L33er
TheWaterboy
Vulnerability monitoring options for PLC network
Though I am resistant, I am getting pressure to install some sort of vulnerability monitoring on the PLC network so that reports can be generated...
2
Replies
16
Views
5,112
harryting
H
K
SCADA Network Vulnerability Scanning Tool
I'm looking for a toolkit / software to scan a network for vulnerabilities. One time scan, just to see the most obvious holes in their network...
Replies
5
Views
1,906
NetNathan
N
the_msp
Rockwell security vulnerability
I saw a post over on IA; https://forum.inductiveautomation.com/t/new-rockwell-security-vulnerability-a-solid-10-out-of-10/43904 Didn't see one...
Replies
13
Views
3,248
mk42
M
Back
Top Bottom