Critical Vulnerabilities Discovered On Siemens SIMATIC And SIPLUS S7-1500 Series And How Red Balloon Can Help
Red Balloon has discovered critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 series that allow for bypass of all protected boot features. This discovery has potentially significant implications for industrial environments as these unpatchable hardware root-of-trust vulnerabilities could result in persistent arbitrary modification of S7-1500 operating code and data.
READ MORE ABOUT THESE VULNERABILITIES
Previous slide
Next slide

DEFEND FROM WITHIN

Deploy on-device security to defend embedded devices where theyโ€™re most

vulnerable โ€” and capture a definitive market advantage.

DEFEND FROM WITHIN

Deploy on-device security to defend embedded devices where theyโ€™re most

vulnerable โ€” and capture a definitive market advantage.

DEFEND FROM WITHIN

Deploy on-device security to defend embedded devices where theyโ€™re most vulnerable โ€” and capture a definitive market advantage.

PROTECT YOUR SYSTEMS

AT THEIR CORE

Red Balloon provides firmware-level protection that helps device manufacturers become Defenders โ€” who build secure devices that protect essential infrastructure. We can help you elevate the security standard and end the patching rat race with run-time security for real-time protection and zero false positives. Red Balloon. Defend From Within.

PROTECT YOUR SYSTEMS

AT THEIR CORE

Red Balloon provides firmware-level protection that helps device manufacturers become Defenders โ€” who build secure devices that protect essential infrastructure. We can help you elevate the security standard and end the patching rat race with run-time security for real-time protection and zero false positives. Red Balloon. Defend From Within.

PROTECT YOUR SYSTEMS

AT THEIR CORE

Red Balloon provides firmware-level protection that helps device manufacturers become Defenders โ€” who build secure devices that protect essential infrastructure. We can help you elevate the security standard and end the patching rat race with run-time security for real-time protection and zero false positives. Red Balloon. Defend From Within.

DEPLOYMENTS AND VERIFIED COMPATIBILITY

U.S. GOVERNMENT ENGAGEMENTS

DEPLOYMENTS AND VERIFIED COMPATIBILITY

U.S. GOVERMENT ENGAGEMENTS

DEPLOYMENTS AND VERIFIED COMPATIBILITY

U.S. GOVERNMENT ENGAGEMENTS

ELEVATE THE SECURITY STANDARD

Turn cybersecurity into marketing edge by deploying the devices that can defend themselves.

END THE PATCHING RAT RACE

Deliver continuous security without burdening developers with ongoing security demands.

KEEP SAFETY SYSTEMS SECURE

Protect mission-critical safety elements against cyberattack.

PROTECT AND RESPOND WITH SPEED AND CERTAINTY

Monitor device behavior at runtime and publish immediate alerts whenever a device deviates from its normal function.

ELEVATE THE SECURITY STANDARD

Turn cybersecurity into marketing edge by deploying the devices that can defend themselves.

END THE PATCHING RAT RACE

Deliver continuous security without burdening developers with ongoing security demands.

KEEP SAFETY SYSTEMS SECURE

Protect mission-critical safety elements against cyberattack.

PROTECT AND RESPOND WITH SPEED AND CERTAINTY

Monitor device behavior at runtime and publish immediate alerts whenever a device deviates from its normal function.

ELEVATE THE SECURITY STANDARD

Turn cybersecurity into marketing edge by deploying the devices that can defend themselves.

END THE PATCHING RAT RACE

Deliver continuous security without burdening developers with ongoing security demands.

KEEP SAFETY SYSTEMS SECURE

Protect mission-critical safety elements against cyberattack.

PROTECT AND RESPOND WITH SPEED AND CERTAINTY

Monitor device behavior at runtime and publish immediate alerts whenever a device deviates from its normal function.

GUIDED BY OUR RESEARCH

Our team specializes in advancing research for embedded security.

GUIDED BY OUR RESEARCH

Our team specializes in advancing research for embedded security.

Critical Vulnerabilites Discovered

Red Balloon has discovered critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 series that allow for bypass of all protected boot features.ย 

DARPA RADICS PROGRAM

Protecting the power grid

Red Balloon provided embedded defense to protection relays, RTUs and network equipment to increase device protection, detect attacks and bring device level forensics.

PIADC FACILITY

Commercializing tech for deployment

U.S. Government funded Red Balloon research to bring advanced on-device security with real-time detection to production-network building controllers.

THRANGRYCAT

Defeating Cisco's secure boot

Red Balloon discovered a vulnerability which allows an attacker to persistently bypass Ciscoโ€™s proprietary secure boot mechanism and lock out future updates.

DARPA RADICS PROGRAM

Protecting the power grid

Red Balloon provided embedded defense to protection relays, RTUs and network equipment to increase device protection, detect attacks and bring device level forensics.

PIADC FACILITY

Commercializing tech for deployment

U.S. Government funded Red Balloon research to bring advanced on-device security with real-time detection to production-network building controllers.

THRANGRYCAT

Defeating Cisco's secure boot

Red Balloon discovered a vulnerability which allows an attacker to persistently bypass Ciscoโ€™s proprietary secure boot mechanism and lock out future updates.

GUIDED BY OUR RESEARCH

Our team specializes in advancing research for embedded security.

Critical Vulnerabilites Discovered

Red Balloon has discovered critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 series that allow for bypass of all protected boot features.ย 

DARPA RADICS PROGRAM

Protecting the power grid

Red Balloon provided embedded defense to protection relays, RTUs and network equipment to increase device protection, detect attacks and bring device level forensics.

PIADC Facility

Commercializing tech for deployment

U.S. Government funded Red Balloon research to bring advanced on-device security with real-time detection to production-network building controllers.

THRANGRYCAT

Defeating Cisco's secure boot

Red Balloon discovered a vulnerability which allows an attacker to persistently bypass Cisco’s proprietary secure boot mechanism and lock out future updates.

PROTECT YOUR SYSTEMS AGAINST EXPLOITATION

RUNTIME PROTECTION

Secure your devices in real time with unrivaled firmware security embedded to defend against memory corruption, control flow corruption, and process violations.

FIRMWARE HARDENING

Automate your firmware analysis, randomization and modification to reduce attack surfaces and harden devices against attack.

RUNTIME MONITORING

Complement your runtime protection with complete visibility on attacks and enhanced forensics.

PROTECT YOUR SYSTEMS AGAINST EXPLOITATION

RUNTIME PROTECTION

Secure your devices in real time with unrivaled firmware security embedded to defend against memory corruption, control flow corruption, and process violations.

FIRMWARE HARDENING

Automate your firmware analysis, randomization and modification to reduce attack surfaces and harden devices against attack.

RUNTIME MONITORING

Complement your runtime protection with complete visibility on attacks and enhanced forensics.

PROTECT YOUR SYSTEMS AGAINST EXPLOITATION

RUNTIME PROTECTION

Secure your devices in real time with unrivaled firmware security embedded to defend against memory corruption, control flow corruption, and process violations.

FIRMWARE HARDENING

Automate your firmware analysis, randomization and modification to reduce attack surfaces and harden devices against attack.

RUNTIME MONITORING

Complement your runtime protection with complete visibility on attacks and enhanced forensics.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.