Siemens has firmware updates available to mitigate cryptographic issues in its SIMATIC Industrial PCs, according to a report from ICS-CERT.
Successful exploitation of this remotely exploitable vulnerability could make it easier for attackers to conduct cryptographic attacks against the key material.
Siemens reports the vulnerability affects the following versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Module (TPM):
• SIMATIC Field-PG M5 all versions prior to v22.01.04
• SIMATIC IPC227E all versions prior to v20.01.10
• SIMATIC IPC277E all versions prior to v20.01.10
• SIMATIC IPC427E all versions prior to v21.01.07
• SIMATIC IPC477E all versions prior to v21.01.07
• SIMATIC IPC547G all versions
• SIMATIC ITP1000 all versions prior to v23.01.03
No known public exploits specifically target this vulnerability. A high skill level is needed to exploit it.
The Infineon RSA library in Infineon Trusted Platform Module (TPM) firmware creates RSA keys that might be susceptible to the ROCA attack, possibly exposing the private key of an RSA key pair.
CVE-2017-15361 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.
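To check whether a key generated on an affected TPM carries the ROCA fingerprint, a modulus can be tested against small primes. The following is an added example, not code from Siemens, Infineon or ICS-CERT. It assumes the key structure published in the ROCA research (each prime has the form k*M + 65537^a mod M, where M is a product of consecutive small primes); the function names and the sample values are constructed for illustration.

```python
# Added example: ROCA (CVE-2017-15361) fingerprint test on an RSA modulus.
# Assumption: affected primes are k*M + (65537**a mod M), so the modulus N is
# congruent to a power of 65537 modulo every small prime dividing M.

GENERATOR = 65537
# First 39 primes; their product divides M for every affected key size.
SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53,
                59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113,
                127, 131, 137, 139, 149, 151, 157, 163, 167]


def generated_residues(prime):
    """Return the set of powers of 65537 modulo one small prime."""
    residues, value = set(), 1
    while value not in residues:
        residues.add(value)
        value = value * GENERATOR % prime
    return residues


def has_roca_fingerprint(modulus):
    """True if the modulus is a power of 65537 modulo every small prime."""
    return all(modulus % p in generated_residues(p) for p in SMALL_PRIMES)


def constructed_flawed_modulus(k1, a, k2, b):
    """Build a number with the flawed structure (test input, not a real key)."""
    m = 1
    for p in SMALL_PRIMES:
        m *= p
    factor1 = k1 * m + pow(GENERATOR, a, m)
    factor2 = k2 * m + pow(GENERATOR, b, m)
    return factor1 * factor2


if __name__ == "__main__":
    samples = {
        "constructed, flawed structure": constructed_flawed_modulus(12345, 77, 67890, 1234),
        "constructed, unrelated odd number": 11 * 2**500 + 13,
    }
    for label, n in samples.items():
        verdict = "fingerprint present" if has_roca_fingerprint(n) else "no fingerprint"
        print(f"{label}: {verdict}")
```

A positive result means the key should be treated as affected and regenerated after the firmware update; an unrelated modulus passes all 39 tests only with very small probability.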
The product sees use mainly in the chemical, critical manufacturing, energy, food and agriculture, and water and wastewater systems sectors. It is used worldwide.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To run the devices in a protected IT environment, Siemens particularly recommends configuring the environment according to Siemens’ Operational Guidelines for Industrial Security and following the recommendations in the product manuals.
Siemens provides firmware updates to address the vulnerability for the following affected products, and recommends users update to the newest version:
• SIMATIC Field-PG M5: Update to v22.01.04
• SIMATIC IPC227E: Update to v20.01.10
• SIMATIC IPC277E: Update to v20.01.10
• SIMATIC IPC427E: Update to v21.01.07
• SIMATIC IPC477E: Update to v21.01.07
• SIMATIC IPC547G: See the recommendations in the Workarounds and Mitigations section of SSA-470231
• SIMATIC ITP1000: Update to v23.01.03
For more information on this vulnerability and more detailed mitigation instructions, see Siemens Security Advisory SSA-470231.