Siemens PLCs New Security Flaws Uncovered

This article has been indexed from Softpedia News / Security

On Friday, Siemens released firmware updates to fix a serious vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs). On both models, a malicious actor could exploit it to remotely gain access to protected memory areas and achieve unrestricted and undetected code execution, which researchers call the holy grail.

Claroty identified the memory protection bypass vulnerability, listed as CVE-2020-15782 (CVSS score: 8.1), by reverse-engineering the MC7 / MC7+ bytecode language used to execute PLC instructions in the microprocessor. There is no evidence that the flaw has been exploited in the wild. 

Siemens stated in an alert that an unauthenticated, remote attacker with network access to TCP port 102 could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
