Architectural vulnerabilities detected in Siemens SIMATIC S7-1500 Series

Red Balloon’s discovery has significant implications for industrial environments as it relates to hardware root-of-trust vulnerabilities that cannot be patched. Exploitation of these vulnerabilities could allow offline attackers to generate arbitrary encrypted firmware that are bootable on all Siemens S7-1500 series PLC CPU modules. Furthermore, these vulnerabilities allow attackers to persistently bypass integrity validation and security features of the ADONIS operating system and subsequent user space code. Red Balloon has reported these vulnerabilities to Siemens, and Siemens has confirmed them.

“It’s important for all industrial operators using the Siemens S7-1500 Series PLC to take several steps to prevent possible exploitation of these critical vulnerabilities,” said Dr. Ang Cui, founder and CEO of Red Balloon. “While these vulnerabilities technically require physical access to exploit, it is possible for sophisticated attackers to ‘chain,’ or combine, these vulnerabilities with other remote access vulnerabilities on the same network to install malicious firmware without the need for in-person contact.”

“The vulnerabilities exist because the Siemens custom System-on-Chip (SoC) does not establish a tamper proof Root of Trust (RoT) in the early boot process,” said Yuanzhe Wu, senior research scientist at Red Balloon. “The Siemens RoT is implemented through the integration of a dedicated cryptographic secure element - the ATECC CryptoAuthentication chip. However, this RoT implementation contains flaws that can be abused by attackers to compromise RoT itself and allow attackers to decrypt and load tampered firmware on the S7-1500 PLCs without user’s knowledge.”

Although there are possible ways to mitigate the effects of this hardware RoT exploitation such as using run-time memory attestation, the fundamental vulnerabilities – improper hardware implementations of the RoT using dedicated cryptographic-processor -– are unpatchable and cannot be fixed by a firmware update since the hardware is physically unmodifiable, reports Red Balloon.

Red Balloon has developed an advanced persistent threat detection tool for owners and operators of the Siemens S7-1500 series PLCs to verify whether vulnerable devices have been tampered with or compromised. Siemens also recommends that customers assess the risk of physical access to the device in the target deployment and to implement measures to make sure that only trusted personnel have access to the physical hardware. Siemens’ advisory can be found at cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf.

To limit the effects of potential exploitation of these vulnerabilities, Red Balloon has further recommended several mitigations to Siemens, which include: implement runtime integrity attestation; add asymmetric signature check for firmware at bootup scheme; and encrypt the firmware with device specific keys that are generated on individual devices.

Detailed explanation of the S7-1500 Series PLC vulnerabilities and potential risks can be found via the following link: