Industrial operations with equipment running Siemens network-connected S7-1500 series programmable logic controllers (PLCs) are being warned to physically isolate the devices after the discovery of serious vulnerabilities.
According to researchers at Red Balloon Security, multiple architectural vulnerabilities exist in the Siemens SIMATIC and SIPLUS S7-1500 series PLCs that could allow attackers to bypass all protected boot features, resulting in persistent arbitrary modification of operating code and data.
The fundamental vulnerabilities — improper hardware implementations of the Root of Trust (RoT) using a dedicated cryptographic-processor — are unpatchable and cannot be fixed by a firmware update, since the hardware is physically unmodifiable, say the researchers.
In an advisory, Siemens says an attacker would need physical access to the device to replace the boot image of the device and execute arbitrary code.
Because exploiting this vulnerability requires physical tampering with the product, Siemens recommends customers assess the risk of physical access to the device(s) and implement measures — such as placing the devices in locked control cabinets — to make sure that only trusted personnel have access to them.
Red Balloon also recommends IT pros implement runtime integrity attestation; add asymmetric signature check for firmware at bootup scheme; and encrypt the firmware with device-specific keys that are generated on individual devices.
The vulnerabilities have been named CVE-2022-38773, and a CVSS v3 score of 4.6 was assessed.
According to Siemens, SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as manufacturing, food and beverages, and chemical industries.
The manufacturer has released new hardware versions for several CPU types of the S7-1500 product family in which this vulnerability is fixed, and is working on new hardware versions for remaining PLC types to address this vulnerability completely.
An attack scenario would look like this, says Red Balloon: An attacker with physical access to the device could either attach to the I2C communication bus or extract the physical ATECC chip from the PLC’s PCB to falsely authenticate and use it as an oracle to generate firmware decryption material. The Siemens ADONIS RTOS Firmware and bootloader integrity check is located in the firmware itself (chain of trust) which can be easily bypassed through the attacker’s tampered firmware.
The last step would be flashing the modified firmware onto the device either through NAND flash reprogram, or to chain it with an existing remote code execution vulnerability. By flashing malicious firmware on a target device, either physically or by exploiting an existing remote code execution vulnerability, attackers could persistently gain arbitrary code execution and potentially circumvent any official security and firmware updates, without the user’s knowledge.