Siemens has published advisory “SSA-240718: Insecure storage of HTTPS CA certificate in S7-1200 V2.x” about a bug discovered by our team. It is a very funny one, because the PLC has a built-in CA and generates valid certificates based on its IP. So you can trust the CA certificate and you will have secure SSL sessions with all PLCs. But, as you understand, all PLCs have the same private/public key pair for the CA, and the private key is hardcoded into the firmware.
Not an easy bug to fix, but we hope Siemens will do it.
Thus, all your PLC are belong to us.
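An added example, not part of the original post or of the Siemens advisory: because a chain to the firmware-embedded CA proves nothing about which device answered, this audit ignores such chains and falls back to per-device certificate pins. The CA fingerprints, scan records and pins are constructed placeholders; it assumes pins were recorded over a trusted path at commissioning and that each PLC's own certificate is unique to that device.

```python
import hashlib

def fp(data: bytes) -> str:
    """SHA-256 fingerprint of certificate or public-key bytes."""
    return hashlib.sha256(data).hexdigest()

# All byte strings below are constructed placeholders, not real DER data.
EMBEDDED_CA = fp(b"PLACEHOLDER-firmware-CA-public-key")  # not the real value
SITE_CA = fp(b"PLACEHOLDER-site-PKI-CA-public-key")      # hypothetical site PKI

# Constructed scan results: (PLC IP, issuer CA key fingerprint, leaf cert bytes)
SCAN = [
    ("192.0.2.10", EMBEDDED_CA, b"leaf-A"),
    ("192.0.2.11", EMBEDDED_CA, b"leaf-X"),  # differs from its recorded pin
    ("192.0.2.12", EMBEDDED_CA, b"leaf-C"),  # no pin was ever recorded
    ("192.0.2.13", SITE_CA, b"leaf-D"),      # re-issued by the site PKI
]

# Assumption: pins were captured at commissioning over a trusted path.
PINS = {"192.0.2.10": fp(b"leaf-A"), "192.0.2.11": fp(b"leaf-B")}

def audit(scan, trust_store, pins, embedded_ca=EMBEDDED_CA):
    """Give each host a verdict that never relies on the embedded CA."""
    report = {}
    for host, issuer, leaf in scan:
        if issuer != embedded_ca:
            # Normal path: the issuer's private key is not shipped in firmware.
            report[host] = "ok-chain" if issuer in trust_store else "untrusted-issuer"
        elif host not in pins:
            report[host] = "unverifiable"   # chain validation alone proves nothing
        elif pins[host] == fp(leaf):
            report[host] = "ok-pinned"
        else:
            report[host] = "pin-mismatch"   # certificate changed: investigate
    # A client that trusts the embedded CA accepts any certificate signed
    # with the key that is present in every firmware image.
    report["_trust_store"] = (
        "remove-embedded-ca" if embedded_ca in trust_store else "ok"
    )
    return report

if __name__ == "__main__":
    for key, verdict in audit(SCAN, {EMBEDDED_CA, SITE_CA}, PINS).items():
        print(key, verdict)
```

A pin mismatch can also be benign, for example after a PLC is given a new IP and regenerates its certificate, so treat it as a prompt to re-verify the device out of band.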