Risk | Low |
Patch available | NO |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-42784 |
CWE-ID | CWE-1319 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
LOGO! 12/24RCE Hardware solutions / Firmware
LOGO! 12/24RCEo Hardware solutions / Firmware
LOGO! 24CE Hardware solutions / Firmware
LOGO! 24CEo Hardware solutions / Firmware
LOGO! 24RCE Hardware solutions / Firmware
LOGO! 24RCEo Hardware solutions / Firmware
LOGO! 230RCE Hardware solutions / Firmware
LOGO! 230RCEo Hardware solutions / Firmware
SIPLUS LOGO! 12/24RCE Hardware solutions / Firmware
SIPLUS LOGO! 12/24RCEo Hardware solutions / Firmware
SIPLUS LOGO! 24CE Hardware solutions / Firmware
SIPLUS LOGO! 24CEo Hardware solutions / Firmware
SIPLUS LOGO! 24RCE Hardware solutions / Firmware
SIPLUS LOGO! 24RCEo Hardware solutions / Firmware
SIPLUS LOGO! 230RCE Hardware solutions / Firmware
SIPLUS LOGO! 230RCEo Hardware solutions / Firmware |
Vendor | Siemens |
Security Bulletin
This security bulletin contains one low-risk vulnerability.
EUVDB-ID: #VU84395
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-42784
CWE-ID:
CWE-1319 - Improper Protection against Electromagnetic Fault Injection
Exploit availability: No
Description
The vulnerability allows a local attacker to compromise the system.
The vulnerability exists due to improper protection against electromagnetic fault injection. An attacker with physical access can dump and debug the firmware and inject public keys of custom-created key pairs, which are then signed by the product CA.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
LOGO! 12/24RCE: 8.3
LOGO! 12/24RCEo: 8.3
LOGO! 24CE: 8.3
LOGO! 24CEo: 8.3
LOGO! 24RCE: 8.3
LOGO! 24RCEo: 8.3
LOGO! 230RCE: 8.3
LOGO! 230RCEo: 8.3
SIPLUS LOGO! 12/24RCE: 8.3
SIPLUS LOGO! 12/24RCEo: 8.3
SIPLUS LOGO! 24CE: 8.3
SIPLUS LOGO! 24CEo: 8.3
SIPLUS LOGO! 24RCE: 8.3
SIPLUS LOGO! 24RCEo: 8.3
SIPLUS LOGO! 230RCE: 8.3
SIPLUS LOGO! 230RCEo: 8.3
CPE2.3
https://cert-portal.siemens.com/productcert/pdf/ssa-844582.pdf
Q & A
Can this vulnerability be exploited remotely?
No. The attacker must have physical access to the system to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.