Hey hackers! Grab some hardcoded Siemens crypto keys and go wild*
Per RATM: "Action must be taken. We don't need the key we'll break in"
A Siemens’ SIMATIC line of programmable logic controller (PLC) and automation systems include hardcoded cryptographic keys that can be recovered by an attacker to give them “full control over every PLC”.
Security researchers at Claroty managed to extract a “family key” that let them decrypt protected communications across an entire model range of the PLCs, which are used in industrial applications.
The vulnerability, with a critical CVSS score of 9.3, has been assigned CVE-2022-38465.
The company – which works closely with Siemens on vulnerability discovery and disclosure – said to get to this point it had first also exploited an earlier vulnerability, CVE-2020-15782, which lets a remote unauthenticated attacker with network access to TCP port 102 write arbitrary data and code to protected memory areas.
> Follow The Stack on LinkedIn <
Siemens describes three of the affected products as “designed for discrete and continuous control in industrial environments such as manufacturing, food and beverages, and chemical industries worldwide” and another as granting “full network access to simulate the PLCs, even in virtualized environments”.
“Siemens is not aware of related cybersecurity incidents but considers the likelihood of malicious actors misusing the global private key as increasing and strongly recommends to follow the remediations described in SSA-568427 and to update both, the TIA Portal project to V17 and CPU to related firmware version” it said.
The German industrial powerhouse said it had introduced symmetric cryptography into the affected product lines in 2013 because at the time “practical solutions for dynamic key management and key distribution did not exist for industrial control systems,” admitting that “this decision needs to be revised and adapted.”
The disclosure “led to the introduction of a new TLS management system in TIA Portal v17, ensuring that configuration data and communications between Siemens PLCs and engineering workstations is encrypted.”
https://www.youtube.com/watch?v=r-dmxU1gEl0 Claroty discussed the initial vuln. used, CVE-2020-15782, in detail at the S4x22 Conference
Siemens SIMATIC vulnerabilities: What’s affected?
Siemens said the following products should be updated as follows, where humanly possible.
- SIMATIC Drive Controller family >= V2.9.2
- SIMATIC ET 200SP Open Controller 2 >= V21.9
- SIMATIC S7-1200 CPU family >= V4.5.0
- SIMATIC S7-1500 CPU family >= V2.9.2
- SIMATIC S7-1500 SW Controller >= V21.9
- PLCSIM Advanced >= V4.0
To those unable to update (always challenging in OT environments) Siemens’ suggested workarounds include: “Use legacy (i.e., not TLS-based) PG/PC and HMI communication only in trusted network environments” [and] protect access to the TIA Portal project and CPU (including related memory cards) from unauthorized actors”
Using CVE-2022-38465, Clarity said it successfully gained access to a trio of hardcoded keys:
- A Connection Key: Used for packet integrity verification and authentication.
- A CPU Key: A “per-model/firmware” key used to encrypt configurations and code
- A Family Key: A “per-family” used when the CPU key is not known.
“This new knowledge allowed us to implement the full protocol stack, encrypt/decrypt protected communication, and configurations” the company said today, as Siemens issued updates for the products.
Siemens added in a security advisory today: “An offline attack against a single PLC allows sophisticated attackers to discover the global private key and then use this knowledge to perform two types of attack:
“Attack 1: Extract confidential configuration data. With access to the TIA Portal project or the project stored on the PLC (including memory card), an attacker could extract confidential configuration data. These data are cryptographic keys and passwords which are used for certificate-based communication like https, OPC UA, or secure Open User Communication and for the protection of the PLC (access level passwords).
“Attack 2: Attacks against legacy PG/PC, HMI communication With Man-in-the-Middle attacks, attacker could read, modify, and selectively forward data between the PLC and its connected HMIs and Engineering Stations.
Siemens recommends that users immediately update SIMATIC S7-1200 and S7-1500 PLCs and corresponding versions of the TIA Portal project to the latest versions. TIA Portal V17 and related CPU firmware versions include the new PKI system protecting confidential configuration data based on individual passwords per device and TLS-protected PG/PC and HMI communication, the company said today, in advisories available here and here.
*This is a facetious headline not an instruction. Follow the law on asset discovery and scanning.