PT-2022-5030 · Siemens · Simatic S7-1500 Software Controller+8

Published

2022-10-11

·

Updated

2023-09-07

·

CVE-2022-38465

CVSS v3.1

9.3

Critical

VectorAV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SIMATIC Drive Controller family versions prior to V2.9.2 SIMATIC ET 200SP Open Controller CPU 1515SP PC versions prior to V21.9 SIMATIC ET 200SP Open Controller CPU 1515SP PC2 versions prior to V21.9 SIMATIC S7-1200 CPU family versions prior to V4.5.0 SIMATIC S7-1500 CPU family versions prior to V2.9.2 SIMATIC S7-1500 Software Controller versions prior to V21.9 SIMATIC S7-PLCSIM Advanced versions prior to V4.0 SINUMERIK MC versions prior to V6.21 SINUMERIK ONE versions prior to V6.21
Description A vulnerability has been identified in the affected products, where the built-in global private key is not sufficiently protected. This key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication. An attacker could discover the private key of a CPU product family by an offline attack against a single CPU of the family, allowing them to extract confidential configuration data or perform attacks against legacy PG/PC and HMI communication.
Recommendations For SIMATIC Drive Controller family versions prior to V2.9.2, update to version V2.9.2 or later. For SIMATIC ET 200SP Open Controller CPU 1515SP PC versions prior to V21.9, update to version V21.9 or later. For SIMATIC ET 200SP Open Controller CPU 1515SP PC2 versions prior to V21.9, update to version V21.9 or later. For SIMATIC S7-1200 CPU family versions prior to V4.5.0, update to version V4.5.0 or later. For SIMATIC S7-1500 CPU family versions prior to V2.9.2, update to version V2.9.2 or later. For SIMATIC S7-1500 Software Controller versions prior to V21.9, update to version V21.9 or later. For SIMATIC S7-PLCSIM Advanced versions prior to V4.0, update to version V4.0 or later. For SINUMERIK MC versions prior to V6.21, update to version V6.21 or later. For SINUMERIK ONE versions prior to V6.21, update to version V6.21 or later.

Fix

Insufficiently Protected Credentials

Weakness Enumeration

CWE-522

Related Identifiers

BDU:2022-06247
CVE-2022-38465

Affected Products

Simatic Drive Controller
Simatic Et 200Sp Open Controller Cpu 1515Sp Pc
Simatic Et 200Sp Open Controller Cpu 1515Sp Pc2
Simatic S7-1200 Cpu
Simatic S7-1500 Cpu
Simatic S7-1500 Software Controller
Simatic S7-Plcsim Advanced
Sinumerik Mc
Sinumerik One