Full Report
A vulnerability in the OpenSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of OpenSSL. Siemens has released new versions for several affected products and recommends updating to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet, available. [0] https://www.openssl.org/news/secadv/20220315.txt
Analysis Summary
# Vulnerability: OpenSSL Denial of Service in Siemens Industrial Products
## CVE Details
- **CVE ID:** CVE-2022-0778
- **CVSS Score:** 7.5 (High) via CVSS v3.1 / 8.7 (High) via CVSS v4.0
- **CWE:** CWE-674 (Uncontrolled Recursion) / CWE-835 (Loop with Unreachable Exit Condition)
## Affected Systems
A wide range of Siemens industrial networking and automation products are affected, including but not limited to:
- **Industrial Edge:** OPC UA Connector (V5.1 < V5.5.1)
- **Networking:** SINEC INS (< V1.0 SP2), SINEC NMS (< V1.0 SP3), SCALANCE (M-800, MUM-800, S615, X-200IRT, X-300, XB-200, XC-200, XP-200, XF-200BA, XR-300WG)
- **Identification & Control:** SIMATIC CP (1242-7 V2, 1243-1, 1543-1, 1545-1, 443-1 Advanced), SIMATIC S7-1200 & S7-1500 CPUs, SIMATIC WinCC.
- **Remote Access:** SINEMA Remote Connect Server (< V3.1), TeleControl Server Basic V3 (< V3.1.1).
- **Legacy/No Fix Planned:** SINAUT Software ST7sc, SINAUT ST7CC, SCALANCE W-1700, and specific versions of SIMATIC PCS 7.
## Vulnerability Description
The vulnerability exists within the OpenSSL `BN_mod_sqrt()` function, which is used to compute modular square roots. When parsing certificates that contain elliptic curve (EC) parameters with invalid or specially crafted values, the function can enter an infinite loop. In affected Siemens products, an attacker can trigger this loop by providing a malformed certificate during a TLS handshake or other certificate-parsing operations, leading to a permanent Denial of Service (DoS) of the process or device.
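The loop described above, as an added illustration (this is example code, not OpenSSL's `BN_mod_sqrt()` and not part of the Siemens advisory): a pure-Python Tonelli-Shanks modular square root in which every search loop carries an explicit iteration bound, which is the CWE-835 fix pattern. With a prime modulus the bounds are never reached and the root is returned; with a non-prime modulus, the kind of invalid EC parameter value the description refers to, the bounded loops abort with an error instead of spinning forever. The moduli used in `demo()` (17, 41, 7 and the composite 697 = 17 * 41) and the bound of 256 non-residue candidates are assumptions constructed for this example.

```python
"""Bounded Tonelli-Shanks modular square root.

Added illustration of the CWE-835 pattern behind CVE-2022-0778: a square-root
search that assumes a prime modulus must bound its loops, because a non-prime
modulus taken from untrusted EC parameters can make the search never converge.
Example code, not OpenSSL's BN_mod_sqrt(); moduli and bounds are constructed.
"""

MAX_NONRESIDUE_TRIES = 256  # assumption of this example; any small fixed bound works


def mod_sqrt_bounded(a: int, p: int) -> int:
    """Return r with r*r == a (mod p) for an odd prime p, or raise ValueError.

    Every loop that would run forever for a non-prime p has an explicit exit,
    and the result is verified before it is returned.
    """
    if p < 2:
        raise ValueError("modulus must be >= 2")
    a %= p
    if a == 0:
        return 0
    if p == 2:
        return a

    # Write p - 1 = q * 2**e with q odd.
    q, e = p - 1, 0
    while q % 2 == 0:
        q //= 2
        e += 1

    if e == 1:
        # p == 3 (mod 4): closed-form root, then verify it.
        r = pow(a, (p + 1) // 4, p)
        if r * r % p != a:
            raise ValueError("no square root: modulus not prime or a not a residue")
        return r

    # Find a quadratic non-residue z, i.e. z**((p-1)/2) == -1 (mod p).
    # For a prime p half of all values qualify, so this ends quickly; for a
    # composite p no such z may exist at all, hence the attempt bound.
    z = 2
    for _ in range(MAX_NONRESIDUE_TRIES):
        if pow(z, (p - 1) // 2, p) == p - 1:
            break
        z += 1
    else:
        raise ValueError("too many iterations searching for a non-residue")

    c = pow(z, q, p)
    x = pow(a, (q + 1) // 2, p)
    t = pow(a, q, p)
    m = e

    while t != 1:
        # Find the least i, 0 < i < m, with t**(2**i) == 1 (mod p). For a
        # prime p such an i always exists; the unbounded form of this loop is
        # what hangs on a non-prime modulus. Bounding i by m turns the hang
        # into an error the caller can handle.
        i, tt = 1, t * t % p
        while tt != 1:
            i += 1
            if i >= m:
                raise ValueError("loop bound hit: modulus not prime or a not a residue")
            tt = tt * tt % p
        b = pow(c, 1 << (m - i - 1), p)
        x = x * b % p
        c = b * b % p
        t = t * c % p
        m = i

    if x * x % p != a:
        raise ValueError("result failed verification")
    return x


def demo() -> dict:
    """Prime moduli succeed; a non-residue and a composite modulus abort cleanly."""
    out = {
        "sqrt_2_mod_17": mod_sqrt_bounded(2, 17),
        "sqrt_2_mod_41": mod_sqrt_bounded(2, 41),
        "sqrt_2_mod_7": mod_sqrt_bounded(2, 7),
    }
    for label, a, p in (("nonresidue_3_mod_17", 3, 17), ("composite_4_mod_697", 4, 697)):
        try:
            mod_sqrt_bounded(a, p)
            out[label] = "returned (unexpected)"
        except ValueError as exc:
            out[label] = f"aborted: {exc}"
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The point of the bounded version is not the arithmetic but the contract: a function that parses attacker-supplied numbers must fail closed when its mathematical precondition (here, primality of the modulus) is violated, rather than rely on that precondition for termination.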
## Exploitation
- **Status:** PoC available; widely known public vulnerability.
- **Complexity:** Low (the process of crafting the malformed certificate is well-documented).
- **Attack Vector:** Network (unauthenticated).
## Impact
- **Confidentiality:** None
- **Integrity:** None
- **Availability:** Total (Process/System hang or crash requiring manual intervention/restart).
## Remediation
### Patches
Siemens has released updates for numerous product lines. Key updates include:
- **Industrial Edge OPC UA Connector:** Update to V5.5.1 or later.
- **SINEC INS/NMS:** Update to V1.0 SP2 / V1.0 SP3 or later.
- **SIMATIC CP 1242-7 V2 / 1243-1:** Update to V3.4.29 or later.
- **SIMATIC CP 1543-1:** Update to V3.0.37 or later.
- **SCALANCE X-300:** Updates released as of July 2024.
- **SIMATIC S7-1500 Software Controller:** Update to V21.9 or later.
### Workarounds
For products where no fix is available (e.g., SINAUT ST7) or where the fix has not yet been installed:
- Restrict network access to affected devices to trusted IP addresses only.
- Implement defense-in-depth strategies, ensuring the devices are not directly exposed to the internet.
- Disable unnecessary TLS-based services if not required for operation.
## Detection
- **Indicators of Compromise:** Sudden, unexplained high CPU utilization on industrial controllers or networking equipment resulting in a loss of communication or management interface responsiveness.
- **Detection methods:** Use IDS/IPS signatures targeting CVE-2022-0778 certificate patterns. Vulnerability scanners (e.g., Nessus, OpenVAS) can identify outdated OpenSSL versions in networked products.
## References
- **Siemens Advisory:** hxxps://cert-portal.siemens[.]com/productcert/pdf/ssa-712929.pdf
- **OpenSSL Security Advisory:** hxxps://www.openssl[.]org/news/secadv/20220315.txt
- **Siemens Terms of Use:** hxxps://www.siemens[.]com/productcert/terms-of-use