CVE-2022-38773

moderate-risk

Published 2023-01-10

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.

Do I need to act?

0.15% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.6/10 Medium

PHYSICAL / LOW complexity

Affected Products (20)

Simatic Drive Controller Cpu 1504D Tf Firmware

Simatic Drive Controller Cpu 1507D Tf Firmware

Simatic S7-1500 Cpu 1510Sp F-1 Pn Firmware

Simatic S7-1500 Cpu 1510Sp-1 Pn Firmware

Simatic S7-1500 Cpu 1511-1 Pn Firmware

Simatic S7-1500 Cpu 1511C-1 Pn Firmware

Simatic S7-1500 Cpu 1511F-1 Pn Firmware

Simatic S7-1500 Cpu 1511T-1 Pn Firmware

Simatic S7-1500 Cpu 1511Tf-1 Pn Firmware

Simatic S7-1500 Cpu 1512C-1 Pn Firmware

Simatic S7-1500 Cpu 1512Sp F-1 Pn Firmware

Simatic S7-1500 Cpu 1512Sp-1 Pn Firmware

Simatic S7-1500 Cpu 1513-1 Pn Firmware

Simatic S7-1500 Cpu 1513F-1 Pn Firmware

Simatic S7-1500 Cpu 1513R-1 Pn Firmware

Simatic S7-1500 Cpu 1515-2 Pn Firmware

Simatic S7-1500 Cpu 1515F-2 Pn Firmware

Simatic S7-1500 Cpu 1515R-2 Pn Firmware

Simatic S7-1500 Cpu 1515T-2 Pn Firmware

Simatic S7-1500 Cpu 1515Tf-2 Pn Firmware

Affected Vendors

Siemens

References (4)

https://cert-portal.siemens.com/productcert/html/ssa-482757.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

https://cert-portal.siemens.com/productcert/html/ssa-482757.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

/ 100

moderate-risk

Severity 16/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 28/34 · Critical