A newly discovered flaw (CVE-2022-38465) in some Siemens S7 PLCs can allow an attacker to extract the hardcoded private key of the controller and gain complete control.
Siemens has patched dozens of vulnerabilities in several of its ICS products, including Parasolid, RuggedCom ROS, and Simcenter Femap.
The industrial manufacturing company disclosed several high- and critical-severity vulnerabilities that could enable denial-of-service, code execution and more.