Siemens LOGO! V8.3 BM Electromagnetic Fault Injection Vulnerability (CVE-2022-42784) Advisory

### Key Information #### Vulnerability Description - **Vulnerability ID**: SSA-844582 - **Affected Product**: LOGO! V8.3 BM (including SIPLUS variants) - **Vulnerability Type**: Electromagnetic Interference Injection - **Impact**: Attackers can exploit electromagnetic interference injection to read and debug firmware, including memory tampering. Further actions may allow injection of public keys signed by the LOGO! V8.3 product CA. #### Affected Scope - **Affected Product Versions**: LOGO! V8.3 BM - **Affected Products**: SIPLUS LOGO! V8.3 BM #### Solution - **Current Solution**: No planned fix at this time - **Recommended Actions**: Refer to the "Workshop and Mitigation Measures" section for recommendations. #### Workshop and Mitigation Measures - **Recommended Actions**: - Use HTTPS communication only within trusted networks, excluding any unknown network devices. - If possible, connect the base module directly to LOGO! Soft Comfort and web browsers. #### General Security Recommendations - **Recommended Actions**: - Use HTTPS communication only within trusted networks, excluding any unknown network devices. - If possible, connect the base module directly to LOGO! Soft Comfort and web browsers. #### Product Description - **Product**: LOGO! V8.3 BM (including SIPLUS variants) - **Product Version**: V8.3 BM #### Vulnerability CVE-2022-42784 - **Description**: Affects device electromagnetic interference injection. This may allow attackers to read and debug firmware, including memory tampering. Further actions may enable injection of public keys signed by the product CA. - **CVSS Score**: 7.6 - **Vector**: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C - **CWE**: CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI) #### Acknowledgments - **Thanks**: - Sebastien Leger reported this vulnerability. #### Additional Information - **New Hardware Versions Released**: - LOGO! 12/24RCE (6ED1052-1MD08-0BA2) - LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) - LOGO! 24CE (6ED1052-1CC08-0BA2) - LOGO! 24CEo (6ED1052-2CC08-0BA2) - LOGO! 24RCE (6ED1052-1HB08-0BA2) - LOGO! 24RCEo (6ED1052-2HB08-0BA2) - LOGO! 230RCE (6ED1052-1FB08-0BA2) - LOGO! 230RCEo (6ED1052-2FB08-0BA2) - SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) - SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) #### Historical Data - **Version**: V1.0 (2023-12-12) - **Update**: Added information about new hardware versions for SIPLUS LOGO!. #### Terms and Use - **Terms and Use**: Siemens Security Advisory is subject to Siemens’ license terms or other applicable agreements previously agreed upon with Siemens. Where applicable, the terms and use conditions of Siemens Security Advisory (https://www.siemens.com/terms_of_use) shall apply. In case of conflict, license terms shall take precedence over terms and use conditions.

Goal Reached Thanks to every supporter — we hit 100%!

Siemens LOGO! V8.3 BM Electromagnetic Fault Injection Vulnerability (CVE-2022-42784) Advisory