"This malicious shellcode, when executed, gave us remote code execution. "Escaping the sandbox means an attacker would be able to read and write from anywhere on the PLC," Tal Keren, a Claroty security researcher, writes. "We demonstrate a new and sophisticated remote attack that allows us to gain native code execution on Siemens S7 PLCs."Ĭlaroty says it was able to jailbreak a device by escaping the user sandbox and then writing a shellcode into protected memory regions. "The holy grail in PLC vulnerability research, from the attacker perspective, is to achieve unrestricted and undetected code execution on the PLC," Claroty states. Security firm Claroty, which analyzed the vulnerability, says it was able to jailbreak a Siemens product by exploiting the flaw. The company did not immediately respond to Information Security Media Group's request for additional information on whether there have been any successful exploits of the flaw. "Siemens is preparing further updates and recommends specific countermeasures for products where updates are not yet available," the company states. The company released updates for the affected products and has urged customers to immediately implement the patches. It affects seven products in the Siemens automation product series SIMATIC S7-1200 and S7-1500 CPU. The alert notes the vulnerability, tracked as CVE-2020-15782, is ranked 8.1 - which is highly critical. See Also: Zero Trust Webinar: Research Insights Exploring the Actionable, Holistic & Integrative Approach to Security Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks, according to a company advisory.
0 kommentar(er)
