Siemens LOGO 12 improper protection against electromagnetic fault injection (em-fi)
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in Siemens LOGO 12, 24RCE, 24RCEo, LOGO 230RCE, LOGO 230RCEo, LOGO 24CE, LOGO 24CEo, LOGO 24RCE, LOGO 24RCEo, SIPLUS LOGO 12, SIPLUS LOGO 230RCE, SIPLUS LOGO 230RCEo, SIPLUS LOGO 24CE, SIPLUS LOGO 24CEo, SIPLUS LOGO 24RCE and SIPLUS LOGO 24RCEo. This impacts an unknown function. This manipulation causes improper protection against electromagnetic fault injection (em-fi). This vulnerability is handled as CVE-2022-42784. It is feasible to perform the attack on the physical device. There is not any exploit available.
Details
A vulnerability has been found in Siemens LOGO 12, 24RCE, 24RCEo, LOGO 230RCE, LOGO 230RCEo, LOGO 24CE, LOGO 24CEo, LOGO 24RCE, LOGO 24RCEo, SIPLUS LOGO 12, SIPLUS LOGO 230RCE, SIPLUS LOGO 230RCEo, SIPLUS LOGO 24CE, SIPLUS LOGO 24CEo, SIPLUS LOGO 24RCE and SIPLUS LOGO 24RCEo and classified as critical. Affected by this vulnerability is an unknown code. The manipulation with an unknown input leads to a improper protection against electromagnetic fault injection (em-fi) vulnerability. The CWE definition for the vulnerability is CWE-1319. The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions >= V8.3), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions >= V8.3), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions >= V8.3), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions >= V8.3), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions >= V8.3), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version.
The weakness was released 12/12/2023 as ssa-844582. It is possible to read the advisory at cert-portal.siemens.com. This vulnerability is known as CVE-2022-42784 since 10/11/2022. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 09/10/2024).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Vendor
Name
- 24RCE
- 24RCEo
- LOGO 12
- LOGO 24CE
- LOGO 24CEo
- LOGO 24RCE
- LOGO 24RCEo
- LOGO 230RCE
- LOGO 230RCEo
- SIPLUS LOGO 12
- SIPLUS LOGO 24CE
- SIPLUS LOGO 24CEo
- SIPLUS LOGO 24RCE
- SIPLUS LOGO 24RCEo
- SIPLUS LOGO 230RCE
- SIPLUS LOGO 230RCEo
License
Website
- Vendor: https://www.siemens.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.9VulDB Meta Temp Score: 6.9
VulDB Base Score: 6.4
VulDB Temp Score: 6.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.8
NVD Vector: 🔍
CNA Base Score: 7.6
CNA Vector (Siemens AG): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improper protection against electromagnetic fault injection (em-fi)CWE: CWE-1319 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
Physical: Yes
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Timeline
10/11/2022 🔍12/12/2023 🔍
12/12/2023 🔍
09/10/2024 🔍
Sources
Vendor: siemens.comAdvisory: ssa-844582
Status: Confirmed
CVE: CVE-2022-42784 (🔍)
GCVE (CVE): GCVE-0-2022-42784
GCVE (VulDB): GCVE-100-247531
Entry
Created: 12/12/2023 11:13Updated: 09/10/2024 12:37
Changes: 12/12/2023 11:13 (45), 01/02/2024 10:53 (12), 09/10/2024 12:37 (15)
Complete: 🔍
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.