Bug in Siemens PLC's could let hacker run code

Siemens has released firmware updates to address a vulnerability in SIMATIC S7-1200 and S7-1500 Programmable Logic Controllers (PLCs) that could allow bad actors to gain access to protected areas of memory remotely through TCP port 102.  Once they gain access, they can gain unrestricted access and execute code undetected.  This bug has been given CVE-2020-15782 with a score of 8.1.  There is no current evidence that the exploit has been used in the wild.  

https://thehackernews.com/2021/05/a-new-bug-in-siemens-plcs-could-let.html?&web_view=true

https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf

https://www.darkreading.com/physical-security/siemens-patches-major-plc-flaw-that-bypasses-its-sandbox-protection/d/d-id/1341161?&web_view=true

 For more information, or to comment on this topic, visit Yet Another Security Blog.