Siemens Offers Workarounds for Newly Found PLC Vulnerability

Published: 23/11/2024   Category: security


An undocumented hardware-based special access feature recently found by researchers in Siemens S7-1200 can be used by attackers to gain control of the industrial devices.



Siemens recently issued a security advisory with workarounds and mitigations for a vulnerability uncovered by researchers in its S7-1200 programmable logic controllers (PLCs) that could be used to bypass a firmware integrity check to load malware or hijack the industrial processes of the devices.
Researchers from Ruhr University Bochum in Germany found an undocumented hardware-based special access feature in Siemens S7-1200 PLCs while studying the bootloader, which handles software updates and verifies the integrity of the PLC's firmware when the device starts up.
Ali Abbasi, a research scholar at Ruhr-University Bochum, doctoral student Tobias Scharnowski, and professor Thorsten Holz will present their findings this week in London at Black Hat Europe. The researchers alerted Siemens, which says it plans to fix the flaw.
It's unclear whether the flaw can be fixed in software or if it requires a hardware swap, according to Abbasi, and the researchers are not sure whether additional models of the PLC are also affected.
In a statement in response to an inquiry on the nature of the fix, Siemens said it's still working on the issue, pointing to the SSA-686531 advisory it released late last month. "We are in the process of reviewing our product models and will post updates to SSA-686531 if further models are affected," Siemens said. "With respect to a final solution, Siemens experts continue to work on the issue. Siemens provided workarounds and mitigations within the Siemens Security Advisory (SSA-686531) and Siemens will update the document when a final solution is available."
Abbasi and his fellow researchers also found that the special access feature in the PLCs could be used for good: as a forensic tool for defenders. They employed the feature to view the contents of the PLC's memory, so a plant operator could also use it to find malicious code on the device, for example.