Missing Immutable Root of Trust in Hardware in Siemens S7-1500 CPU devices



Published: 2023-01-19
Risk Low
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2022-38773
CWE-ID CWE-1326
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		SIMATIC Drive Controller CPU 1504D TF
Hardware solutions / Firmware

SIMATIC Drive Controller CPU 1507D TF
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1510SP F-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1510SP-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1510SP-1 PN)
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1511-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1511C-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1511F-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1511T-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1511TF-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1512C-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1512SP F-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1512SP-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1513-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1513F-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1513R-1 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1515-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1515F-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1515R-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1515T-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1515TF-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1516-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1516F-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1516T-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1516TF-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1517-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1517F-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1517H-3 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1517T-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1517TF-3 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518-4 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518-4F PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518HF-4 PN
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518T-4 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU 1518TF-4 PN/DP
Hardware solutions / Firmware

SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK
Hardware solutions / Firmware

SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK
Hardware solutions / Firmware

SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN
Hardware solutions / Firmware

SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1510SP F-1 PN
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1510SP-1 PN
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1510SP-1 PN RAIL
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1512SP F-1 PN
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1512SP-1 PN
Hardware solutions / Firmware

SIPLUS ET 200SP CPU 1512SP-1 PN RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1511-1 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1511-1 PN TX RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1511F-1 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1513-1 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1513F-1 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1515F-2 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1515F-2 PN RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1516-3 PN/DP
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1516F-3 PN/DP
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1518-4 PN/DP
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1517H-3 PN
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1518-4 PN/DP MFP
Hardware solutions / Firmware

SIPLUS S7-1500 CPU 1518F-4 PN/DP
Hardware solutions / Firmware

Vendor Siemens

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Missing Immutable Root of Trust in Hardware

EUVDB-ID: #VU71344

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-38773

CWE-ID: CWE-1326 - Missing Immutable Root of Trust in Hardware

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the affected devices do not contain an Immutable Root of Trust in Hardware. An attacker with physical access can replace the boot image of the device and execute arbitrary code.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

SIMATIC Drive Controller CPU 1504D TF: All versions

SIMATIC Drive Controller CPU 1507D TF: All versions

SIMATIC S7-1500 CPU 1510SP F-1 PN: All versions

SIMATIC S7-1500 CPU 1510SP-1 PN: All versions

SIMATIC S7-1500 CPU 1510SP-1 PN): All versions

SIMATIC S7-1500 CPU 1511-1 PN: All versions

SIMATIC S7-1500 CPU 1511C-1 PN: All versions

SIMATIC S7-1500 CPU 1511F-1 PN: All versions

SIMATIC S7-1500 CPU 1511T-1 PN: All versions

SIMATIC S7-1500 CPU 1511TF-1 PN: All versions

SIMATIC S7-1500 CPU 1512C-1 PN: All versions

SIMATIC S7-1500 CPU 1512SP F-1 PN: All versions

SIMATIC S7-1500 CPU 1512SP-1 PN: All versions

SIMATIC S7-1500 CPU 1513-1 PN: All versions

SIMATIC S7-1500 CPU 1513F-1 PN: All versions

SIMATIC S7-1500 CPU 1513R-1 PN: All versions

SIMATIC S7-1500 CPU 1515-2 PN: All versions

SIMATIC S7-1500 CPU 1515F-2 PN: All versions

SIMATIC S7-1500 CPU 1515R-2 PN: All versions

SIMATIC S7-1500 CPU 1515T-2 PN: All versions

SIMATIC S7-1500 CPU 1515TF-2 PN: All versions

SIMATIC S7-1500 CPU 1516-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1516F-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1516T-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1516TF-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1517-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1517F-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1517H-3 PN: All versions

SIMATIC S7-1500 CPU 1517T-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1517TF-3 PN/DP: All versions

SIMATIC S7-1500 CPU 1518-4 PN/DP: All versions

SIMATIC S7-1500 CPU 1518-4 PN/DP MFP: All versions

SIMATIC S7-1500 CPU 1518-4F PN/DP: All versions

SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP: All versions

SIMATIC S7-1500 CPU 1518HF-4 PN: All versions

SIMATIC S7-1500 CPU 1518T-4 PN/DP: All versions

SIMATIC S7-1500 CPU 1518TF-4 PN/DP: All versions

SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK: All versions

SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK: All versions

SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN: All versions

SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN: All versions

SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN: All versions

SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN: All versions

SIPLUS ET 200SP CPU 1510SP F-1 PN: All versions

SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL: All versions

SIPLUS ET 200SP CPU 1510SP-1 PN: All versions

SIPLUS ET 200SP CPU 1510SP-1 PN RAIL: All versions

SIPLUS ET 200SP CPU 1512SP F-1 PN: All versions

SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL: All versions

SIPLUS ET 200SP CPU 1512SP-1 PN: All versions

SIPLUS ET 200SP CPU 1512SP-1 PN RAIL: All versions

SIPLUS S7-1500 CPU 1511-1 PN: All versions

SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL: All versions

SIPLUS S7-1500 CPU 1511-1 PN TX RAIL: All versions

SIPLUS S7-1500 CPU 1511F-1 PN: All versions

SIPLUS S7-1500 CPU 1513-1 PN: All versions

SIPLUS S7-1500 CPU 1513F-1 PN: All versions

SIPLUS S7-1500 CPU 1515F-2 PN: All versions

SIPLUS S7-1500 CPU 1515F-2 PN RAIL: All versions

SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL: All versions

SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL: All versions

SIPLUS S7-1500 CPU 1516-3 PN/DP: All versions

SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL: All versions

SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL: All versions

SIPLUS S7-1500 CPU 1516F-3 PN/DP: All versions

SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL: All versions

SIPLUS S7-1500 CPU 1518-4 PN/DP: All versions

SIPLUS S7-1500 CPU 1517H-3 PN: All versions

SIPLUS S7-1500 CPU 1518-4 PN/DP MFP: All versions

SIPLUS S7-1500 CPU 1518F-4 PN/DP: All versions

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###