One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 7398243 |
| Date de publication | 2022-10-11 14:04:00 (vue: 2022-10-11 22:06:06) |
| Titre | Researchers extract master encryption key from Siemens PLCs |
| Texte | Security researchers have found a way to extract a global encryption key that was hardcoded in the CPUs of several Siemens programmable logic controller (PLC) product lines, allowing them to compromise their secure communications and authentication. Siemens advises all customers to upgrade both the firmware of the impacted devices as well as the TIA Portal software that engineers use to communicate with them and deploy their programs.According to security researchers from Claroty, Siemens introduced asymmetric cryptography to its SIMATIC S7-1200/1500 PLC CPUs almost a decade ago to protect their configuration, programs, and communications. However, the company chose to do so by using a hardcoded global private key for all devices from those product families because back then dynamic key distribution and management was not a common practice and a potential burden for customers.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | 1200/1500 according advises ago all allowing almost article asymmetric authentication back because both burden chose claroty click common communicate communications company compromise configuration controller cpus cryptography customers decade deploy devices distribution dynamic encryption engineers extract families firmware found from full global hardcoded have here however impacted introduced its key lines logic management master not plc plcs please portal potential practice private product programmable programs protect read researchers secure security several siemens simatic software them then those tia upgrade use using way well |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.