Main Vulnerability Database SB2023011909

SB2023011909 - Missing Immutable Root of Trust in Hardware in Siemens S7-1500 CPU devices

Published: January 19, 2023

Security Bulletin ID SB2023011909

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Missing Immutable Root of Trust in Hardware (CVE-ID: CVE-2022-38773)

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the affected devices do not contain an Immutable Root of Trust in Hardware. An attacker with physical access can replace the boot image of the device and execute arbitrary code.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

SB2023011909 - Missing Immutable Root of Trust in Hardware in Siemens S7-1500 CPU devices

Breakdown by Severity

Description

Remediation

References

Please verify you're human