Festo Advisory Feed by CERT@VDEhttps://cert.vde.com/de/advisories/2024-01-30T07:00:00+00:00Feed for Festo Advisories by CERT@VDEFesto: Multiple products contain CoDe16 vulnerability2024-01-30T07:00:00+00:002024-01-25T11:05:07+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2023-063/<h4>VDE-2023-063</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>3473128</td><td>Control block CPX-CEC-C1-V3 (HW <= 8)</td><td> <= 4.0.4</td></tr><tr><td>3472765</td><td>Control block CPX-CEC-M1-V3 (HW <= 8)</td><td> <= 4.0.4</td></tr><tr><td>3472425</td><td>Control block CPX-CEC-S1-V3 (HW <= 8)</td><td> <= 4.0.4</td></tr><tr><td>4252742</td><td>Control block CPX-E-CEC-C1-EP (HW < 8)</td><td> 2.2.14</td></tr><tr><td>4252742</td><td>Control block CPX-E-CEC-C1-EP (HW >= 8)</td><td> 3.2.10</td></tr><tr><td>5226780</td><td>Control block CPX-E-CEC-C1 (HW <= 5)</td><td> <= 10.1.4</td></tr><tr><td>4252741</td><td>Control block CPX-E-CEC-C1-PN (HW < 8)</td><td> 2.2.14</td></tr><tr><td>4252741</td><td>Control block CPX-E-CEC-C1-PN (HW >= 8)</td><td> 3.2.10</td></tr><tr><td>4252744</td><td>Control block CPX-E-CEC-M1-EP (HW < 8)</td><td> 2.2.14</td></tr><tr><td>4252744</td><td>Control block CPX-E-CEC-M1-EP (HW >= 8)</td><td> 3.2.10</td></tr><tr><td>5266781</td><td>Control block CPX-E-CEC-M1 (HW <= 5)</td><td> <= 10.1.4</td></tr><tr><td>4252743</td><td>Control block CPX-E-CEC-M1-PN (HW < 8)</td><td> 2.2.14</td></tr><tr><td>4252743</td><td>Control block CPX-E-CEC-M1-PN (HW >= 8)</td><td> 3.2.10</td></tr><tr><td>8072995</td><td>Controller CECC-D-BA (HW <=7)</td><td> <= 2.4.2</td></tr><tr><td>2463301</td><td>Controller CECC-D-CS (HW <=7)</td><td> <= 2.4.2</td></tr><tr><td>574415</td><td>Controller CECC-D (HW <= 7)</td><td> <= 2.4.2</td></tr><tr><td>574418</td><td>Controller CECC-LK (HW <= 7)</td><td> <= 2.4.2</td></tr><tr><td>574416</td><td>Controller CECC-S (HW <= 7)</td><td> <= 2.4.2</td></tr><tr><td>4407603</td><td>Controller CECC-X-M1 (Gen3)</td><td> <= 3.8.18</td></tr><tr><td>8124922</td><td>Controller CECC-X-M1 (Gen4)</td><td> <= 4.0.18</td></tr><tr><td>4407605</td><td>Controller CECC-X-M1-MV (Gen3)</td><td> <= 3.8.18</td></tr><tr><td>8124923</td><td>Controller CECC-X-M1-MV (Gen4)</td><td> <= 4.0.18</td></tr><tr><td>4407606</td><td>Controller CECC-X-M1-MV-S1 (Gen3)</td><td> <= 3.8.18</td></tr><tr><td>8124924</td><td>Controller CECC-X-M1-MV-S1 (Gen4)</td><td> <= 4.0.18</td></tr><tr><td>574412</td><td>Operator unit CDPX-X-A-S-10</td><td> <= 3.5.7.159</td></tr><tr><td>574413</td><td>Operator unit CDPX-X-A-W-13</td><td> <= 3.5.7.159</td></tr><tr><td>574410</td><td>Operator unit CDPX-X-A-W-4</td><td> <= 3.5.7.159</td></tr><tr><td>574411</td><td>Operator unit CDPX-X-A-W-7</td><td> <= 3.5.7.159</td></tr><tr><td>8155217</td><td>Operator unit CDPX-X-E1-W-10</td><td> <= 3.5.7.159</td></tr><tr><td>8155218</td><td>Operator unit CDPX-X-E1-W-15</td><td> <= 3.5.7.159</td></tr><tr><td>8155216</td><td>Operator unit CDPX-X-E1-W-7</td><td> <= 3.5.7.159</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2022-47378: 6.5 (CVSS:3.1)<br>⠀CVE-2022-47379: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47380: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47381: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47382: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47383: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47384: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47385: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47386: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47387: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47388: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47389: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47390: 8.8 (CVSS:3.1)<br>⠀CVE-2022-47392: 6.5 (CVSS:3.1)<br>⠀CVE-2022-47393: 6.5 (CVSS:3.1)<br>⠀CVE-2022-47391: 7.5 (CVSS:3.1)<br><h4>Summary</h4><p>Several high severity vulnerabilities in CODESYS V3 affecting Festo products could lead to Remote Code Execution or Denial of Service.</p><h4>Impact</h4><p>Please check the references in the CVEs.</p><h4>Solution</h4><p><b>Mitigation</b></p>
<p>As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks</li>
<li>Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul>
<p></p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.<br>For a secure operation follow the recommendations in the product manuals.</p>
<p><b>Remediation</b></p>
<p>For all vulnerability identifiers except CECC-D, <span>CECC-D-CS, CECC-D-BA</span>, CECC-S, CECC-X Gen3 and CECC-LK: Update planned end of Q3 2024.</p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2023-063/" target=_new>https://cert.vde.com/de/advisories/VDE-2023-063/</a>
FESTO: Multiple products affected by WIBU Codemeter vulnerability (Update A)2023-11-28T07:00:00+00:002023-12-05T09:07:08+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2023-036/<h4>VDE-2023-036</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br/>Festo Didactic SE<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>8038980</td><td>CIROS 6 Studio / Education</td><td>6.0.0 <= 6.4.6</td></tr><tr><td>8140773</td><td>CIROS 7 Studio / Education</td><td>7.0.0 <= 7.1.7</td></tr><tr><td>8140772</td><td>CIROS 7 Studio / Education</td><td>7.0.0 <= 7.1.7</td></tr><tr><td>8074657</td><td>Festo Automation Suite</td><td> <= 2.6.0.481</td></tr><tr><td>8085497</td><td>FluidDraw 365</td><td> <= 7.0a</td></tr><tr><td>8085496</td><td>FluidDraw P6</td><td> <= 6.2k</td></tr><tr><td>8148814</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td>8148657</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td></td><td>FluidSIM</td><td> = 5.x</td></tr><tr><td>8148658</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td>8148659</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td>8148812</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td>8148813</td><td>FluidSIM</td><td>6 <= 6.1c</td></tr><tr><td></td><td>MES PC</td><td> < December 2023</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2023-3935: 9.8 (CVSS:3.1)<br><h4>Summary</h4><p>A vulnerability in the Wibu CodeMeter Runtime, which is part of the installation packages of<br>several Festo products, was found. This could lead to remote code execution and escalation of<br>privileges giving full admin access on the host system. </p>
<p><strong>Update A, 2023-12-05</strong></p>
<ul>
<li>removed "MES4 (v3)", "MES4 (<=v2)" and Energy-PC from affected products as they do not install the affected WIBU Codemeter release.</li>
</ul><h4>Impact</h4><p>An attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server via network access without any user interaction.</p>
<p>Exploiting the vulnerability in WIBU CodeMeter Runtime in non-networked workstation mode could lead to a privilege elevation and full access on this workstation for an already authenticated user (logged in locally to the PC).</p><h4>Solution</h4><p><strong></strong><b>Remediation</b></p>
<p>Festo Automation Suite: Fix scheduled for Mid-2024.<br>All other affected products: Update Codemeter to version >= 7.60c.<br><br></p>
<p><strong>General recommendations </strong></p>
<p>Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN.</p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.</p>
<p>As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:</p>
<p>- Use devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside <br>- Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required <br>- Activate and apply user management and password features <br>- Use encrypted communication links <br>- Limit the access to both development and control system by physical means, operating system features, etc. <br>- Protect both development and control system by using up to date virus detecting solutions </p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2023-036/" target=_new>https://cert.vde.com/de/advisories/VDE-2023-036/</a>
Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions2023-09-05T10:00:00+00:002023-09-01T06:42:17+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2023-020/<h4>VDE-2023-020</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>8169406</td><td>MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD</td><td> all versions</td></tr><tr><td>8157913</td><td>MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L5-AGD</td><td> all versions</td></tr><tr><td>8169407</td><td>MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L4-MQ1-AGD</td><td> all versions</td></tr><tr><td>8157912</td><td>MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L5-MQ1-AGD</td><td> all versions</td></tr><tr><td>8157908</td><td>MSE6-C2M-5000-FB44-D-M-RG-BAR-AMI-AGD</td><td> all versions</td></tr><tr><td>8157909</td><td>MSE6-C2M-5000-FB44-D-RG-BAR-AMI-AGD</td><td> all versions</td></tr><tr><td>8085453</td><td>MSE6-D2M-5000-CBUS-S-RG-BAR- VCB-AGD</td><td> all versions</td></tr><tr><td>2465321</td><td>MSE6-E2M-5000-FB13-AGD</td><td> all versions</td></tr><tr><td>3990296</td><td>MSE6-E2M-5000-FB36-AGD</td><td> all versions</td></tr><tr><td>3992150</td><td>MSE6-E2M-5000-FB37-AGD</td><td> all versions</td></tr><tr><td>8157910</td><td>MSE6-E2M-5000-FB43-AGD</td><td> all versions</td></tr><tr><td>8157911</td><td>MSE6-E2M-5000-FB44-AGD</td><td> all versions</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2023-3634: 8.8 (CVSS:3.1)<br><h4>Summary</h4><p>Incomplete user documentation of undocumented, authenticated test mode and further remote accessible functions. The supported features may be covered only partly by the corresponding user documentation.</p>
<p>Festo developed the products according to the respective state of the art. As a result, the protocols used no longer fully meet today's security requirements. The products are designed and developed for use in sealed-off (industrial) networks. If the network is not adequately sealed off, unauthorized access to the product can cause damage or malfunctions, particularly Denial of Service (DoS) or loss of integrity.</p><h4>Impact</h4><p>In products of the MSE6 product-family by Festo a remote authenticated attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability.</p><h4>Solution</h4><p><b>Remediation</b></p>
<p>Update of user documentation in next product version.</p>
<p><b>General recommendations</b></p>
<p>Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN.</p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.</p>
<p>As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2023-020/" target=_new>https://cert.vde.com/de/advisories/VDE-2023-020/</a>
Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products2022-12-13T11:50:04+00:002022-12-13T11:54:27+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-038/<h4>VDE-2022-038</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br/>Festo Didactic SE<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>8038980</td><td>CIROS</td><td> <= 6.4.6 (before 2022-09-15)</td></tr><tr><td>8140772</td><td>CIROS</td><td> <= 7.0.6 (before 2022-09-15)</td></tr><tr><td>8140773</td><td>CIROS</td><td> <= 7.0.6 (before 2022-09-15)</td></tr><tr><td></td><td>FluidDraw P5</td><td> all versions</td></tr><tr><td></td><td>FluidDraw P6</td><td> < 6.2c</td></tr><tr><td></td><td>MES PC</td><td> = n/a</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2021-41057: 7.1 (CVSS:3.1)<br><h4>Summary</h4><div class="page" title="Page 2">
<div class="section">
<div class="layoutArea">
<div class="column">
<p>A vulnerability was reported in WIBU-SYSTEMS CodeMeter Runtime. <br>WIBU-SYSTEMS CodeMeter Runtime is part of the installation packages of several Festo products.<br>FluidDraw < 6.2c and CIROS <= 7.0.6 contain a vulnerable version of WIBU-SYSTEMS CodeMeter Runtime.</p>
</div>
</div>
</div>
</div><h4>Solution</h4><p><strong>FluidDraw P5, FluidDraw P6</strong></p>
<p>Avoid any FluidDraw installation with a FluidDraw installation package below version 6.2c. Updated versions of FluidDraw are available on the Festo website.</p>
<p>In case of a FluidDraw installation package with a version below 6.2c, do not use the WIBU CodeMeter package, that is part of the FluidDraw installation package. Skip the CodeMeter installation step during the FluidDraw installation and instead use a current CodeMeter version from the WIBU website and install that separately. In case of an already installed vulnerable CodeMeter version, update all of these WIBU CodeMeter installations with the current version of WIBU CodeMeter.</p>
<p>Please refer to the WIBU CodeMeter documentation and website for further details and mitigations on usage of WIBU CodeMeter Runtime before 7.30a.<br><b></b></p>
<div class="page" title="Page 5">
<div class="section">
<div class="layoutArea">
<div class="column">
<p><strong>CIROS</strong></p>
<p><span></span><span>For future installations, ensure you're using a CIROS installer downloaded from <a href="https://ip.festo-didactic.com/Infoportal/CIROS/EN/Download.html" target="_blank">https://ip.festo-didactic.com/</a> Infoportal/CIROS/EN/Download.html after September 15, 2022. For existing installations, update the WIBU CodeMeter Runtime separately with at least version 7.30a downloaded from the WIBU Systems website. Please refer to the WIBU CodeMeter documentation and website for further details and mitigations on usage of WIBU CodeMeter Runtime before 7.30a.</span></p>
<p><span></span><strong>MES PC</strong></p>
<p>If your copy of MES4 came preinstalled on a PC shipped before December 2022, you'll need to make sure this PC has at least CodeMeter Runtime 7.30a installed. If necessary, download the update from the WIBU Systems website.</p>
<p><strong>Additional to the above:</strong></p>
</div>
</div>
</div>
</div>
<div class="page" title="Page 3">
<div class="section">
<div class="layoutArea">
<div class="column">
<p><span>Festo strongly recommends to restrict unprivileged access to machines running Festo software and to minimize and protect network access to connected devices with state of the art techniques and processes. </span></p>
<p><span>For a secure operation follow the recommendations in the product manuals. </span></p>
</div>
</div>
</div>
</div>
<p></p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-038/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-038/</a>
Festo: Incomplete documentation of remote accessible functions and protocols in Festo products (Update A)2022-11-29T11:49:27+00:002022-12-13T08:50:12+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-041/<h4>VDE-2022-041</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>4080499</td><td>Bus module CPX-E-EP</td><td> = All Versions</td></tr><tr><td>4080497</td><td>Bus module CPX-E-PN</td><td> = All Versions</td></tr><tr><td>541302</td><td>Bus node CPX-FB32</td><td> = All Versions</td></tr><tr><td>548755</td><td>Bus node CPX-FB33</td><td> = All Versions</td></tr><tr><td>1912451</td><td>Bus node CPX-FB36</td><td> = All Versions</td></tr><tr><td>2735960</td><td>Bus node CPX-FB37</td><td> = All Versions</td></tr><tr><td>2093101</td><td>Bus node CPX-FB39</td><td> = All Versions</td></tr><tr><td>2474896</td><td>Bus node CPX-FB40</td><td> = All Versions</td></tr><tr><td>8110369</td><td>Bus node CPX-FB43</td><td> = All Versions</td></tr><tr><td>548751</td><td>Bus node CPX-M-FB34</td><td> = All Versions</td></tr><tr><td>548749</td><td>Bus node CPX-M-FB35</td><td> = All Versions</td></tr><tr><td>8110370</td><td>Bus node CPX-M-FB44</td><td> = All Versions</td></tr><tr><td>8110371</td><td>Bus node CPX-M-FB45</td><td> = All Versions</td></tr><tr><td>2798071</td><td>Bus node CTEU-EP</td><td> = All Versions</td></tr><tr><td>2201471</td><td>Bus node CTEU-PN</td><td> = All Versions</td></tr><tr><td>8107589</td><td>Bus node CTEU-PN-EX1C</td><td> = All Versions</td></tr><tr><td>3501040</td><td>Camera system CHB-C-N</td><td> = All Versions</td></tr><tr><td></td><td>Compact Vision System SBO*-C-*</td><td> = All Versions</td></tr><tr><td></td><td>Compact Vision System SBO*-M-*</td><td> = All Versions</td></tr><tr><td></td><td>Compact Vision System SBO*-Q-*</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-C1</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-C1-V3</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-M1</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-M1-V3</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-S1-V3</td><td> = All Versions</td></tr><tr><td>555667</td><td>Control block CPX-CMXX</td><td> = All Versions</td></tr><tr><td>555668</td><td>Control block CPX-CMXX</td><td> = All Versions</td></tr><tr><td>529041</td><td>Control block CPX-FEC-1-IE</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-D</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-D-BA</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-LK</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-S</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-X-*</td><td> = All Versions</td></tr><tr><td>553852</td><td>Controller CECX-X-C1</td><td> = All Versions</td></tr><tr><td>553853</td><td>Controller CECX-X-M1</td><td> = All Versions</td></tr><tr><td>3605478</td><td>Controller CMXH-ST2-C5-7-DIOP</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-*</td><td> = All Versions</td></tr><tr><td>8067301</td><td>Controller SBRD-Q</td><td> = All Versions</td></tr><tr><td>8086610</td><td>EtherNet/IP interface CPX-AP-I-EP-M12</td><td> = All Versions</td></tr><tr><td>8086607</td><td>EtherNet/IP interface CPX-AP-I-PN-M12</td><td> = All Versions</td></tr><tr><td>8069773</td><td>Gateway CPX-IOT</td><td> = All Versions</td></tr><tr><td></td><td>Integrated drive EMCA-EC-67-*</td><td> = All Versions</td></tr><tr><td></td><td>Motor controller CMMO-ST-C5-1-DION</td><td> = All Versions</td></tr><tr><td></td><td>Motor controller CMMO-ST-C5-1-DIOP</td><td> = All Versions</td></tr><tr><td></td><td>Motor controller CMMO-ST-C5-1-LKP</td><td> = All Versions</td></tr><tr><td></td><td>Motor controller CMMP-AS-*</td><td> = All Versions</td></tr><tr><td></td><td>Motor controller CMMT-AS-*</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-S-10</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-13</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-4</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-7</td><td> = All Versions</td></tr><tr><td></td><td>Planar surface gantry EXCM-*</td><td> = All Versions</td></tr><tr><td>8084006</td><td>Servo drive CMMT-ST-C8-1C-EP-S0</td><td> = All Versions</td></tr><tr><td>8084004</td><td>Servo drive CMMT-ST-C8-1C-PN-S0</td><td> = All Versions</td></tr><tr><td>8047502</td><td>VTEM-S1-*</td><td> = All Versions</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2022-3270: 9.8 (CVSS:3.1)<br><h4>Summary</h4><p>Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent.</p>
<p><strong>Update A, 2022-12-13</strong></p>
<p>Added affected device "Bus module <span>CPX-E-PN, 4080497"</span></p><h4>Impact</h4><p>Please consult the CVE details above.</p><h4>Solution</h4><p><b>Mitigation</b></p>
<p><b></b>Update of technical user manual documentation in next product version.</p>
<blockquote>
<p>Additionally, please refer to the following Recommendations</p>
<p>Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN.</p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. For a secure operation follow the recommendations in the product manuals and note the protocols and their supported features in Festo Field Device Tool or Festo Automation Suite online help.</p>
<p>As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</p>
<p>- Use firewalls to protect and separate the control system network from other networks</p>
<p>- Use VPN (Virtual Private Networks) tunnels if remote access is required</p>
<p>- Activate and apply user management and password features</p>
<p>- Use encrypted communication links</p>
<p>- Limit the access to both development and control system by physical means, operating system features, etc.</p>
<p>- Protect both development and control system by using up to date virus detecting solutions</p>
<p></p>
</blockquote><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-041/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-041/</a>
Festo: Multiple Festo products contain an unsafe default Codesys configuration2022-11-29T11:41:18+00:002022-11-29T11:45:05+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-037/<h4>VDE-2022-037</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td></td><td>Compact Vision System SBO*-Q-*</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-C1 Codesys V2</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-C1-V3 Codesys V3</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC Codesys V2</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-M1 Codesys V2</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-M1-V3 Codesys V3</td><td> = All Versions</td></tr><tr><td></td><td>Control block CPX-CEC-S1-V3 Codesys V3</td><td> = All Versions</td></tr><tr><td>555667</td><td>Control block CPX-CMXX</td><td> = All Versions</td></tr><tr><td>555668</td><td>Control block CPX-CMXX</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-D</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-D-BA</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-D-CS</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-LK</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-S</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-X-M1</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-X-M1-MV</td><td> = All Versions</td></tr><tr><td></td><td>Controller CECC-X-M1-S1</td><td> = All Versions</td></tr><tr><td>553852</td><td>Controller CECX-X-C1</td><td> = All Versions</td></tr><tr><td>553853</td><td>Controller CECX-X-M1</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-C1</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-C1-EP</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-C1-PN</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-M1</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-M1-EP</td><td> = All Versions</td></tr><tr><td></td><td>Controller CPX-E-CEC-M1-PN</td><td> = All Versions</td></tr><tr><td>559869</td><td>Controller FED-CEC</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-S-10</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-13</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-4</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-A-W-7</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-E1-W-10</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-E1-W-15</td><td> = All Versions</td></tr><tr><td></td><td>Operator unit CDPX-X-E1-W-7</td><td> = All Versions</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2022-22515: 8.1 (CVSS:3.1)<br>⠀CVE-2022-31806: 9.8 (CVSS:3.1)<br><h4>Summary</h4><p>The products are shipped with an unsafe configuration of the integrated CODESYS Runtime<br>environment. In this case no default password is set to the CODESYS PLC and therefore access<br>without authentication is possible.</p>
<p>With a successful established connection to the CODESYS Runtime the PLC-Browser commands are<br>available. Thus granting the possibilities to e.g. read and modify the configuration file(s), start/stop<br>the application and reboot the device.</p><h4>Solution</h4><p><b>Mitigation</b></p>
<p>Festo has identified the following compensatory measures to reduce the risk:</p>
<ul>
<li>For CVE-2022-22515: Using the online user management prevents an attacker from<br>downloading and execute malicious code, but also suppresses start, stop, debug, or other<br>actions on a known working application that could potentially disrupt a machine or system.</li>
<li>For CVE-2022-31806: Enable password protection at login in case no password is set at the controller. Please note that the password configuration file is not covered via default FFT backup & Restore mechanism, you must select the related file manually.</li>
</ul>
<p><strong>General recommendations<br></strong><br>As part of a security strategy, Festo recommends the following general defense measures to reduce<br>the risk of exploits:</p>
<p>- Use controllers and devices only in a protected environment to minimize network exposure and<br>ensure that they are not accessible from outside<br>- Use firewalls to protect and separate the control system network from other networks<br>- Use VPN (Virtual Private Networks) tunnels if remote access is required<br>- Activate and apply user management and password features<br>- Use encrypted communication links<br>- Limit the access to both development and control system by physical means, operating system<br>features, etc.<br>- Protect both development and control system by using up to date virus detecting solutions<br>Festo strongly recommends to minimize and protect network access to connected devices with state<br>of the art techniques and processes.<br><br>For a secure operation follow the recommendations in the product manuals.</p>
<p></p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-037/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-037/</a>
Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function UPDATE A2022-09-20T10:00:00+00:002022-10-19T06:00:29+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-036/<h4>VDE-2022-036</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>567347</td><td>Control block CPX-CEC-C1</td><td> <= 2.0.12</td></tr><tr><td>555668</td><td>Control block CPX-CMXX</td><td> <= 1.2.34 rev.404</td></tr><tr><td>555667</td><td>Control block CPX-CMXX</td><td> <= 1.2.34 rev.404</td></tr><tr><td>568714</td><td>Control block-SET CPX-CEC-C1</td><td> <= 2.0.12</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2022-3079: 7.5 (CVSS:3.1)<br><h4>Summary</h4><blockquote>
<p><strong>UPDATE A (19.10.2022):</strong> Added Control block-Set CPX-CEC-C1 and Control block-SET<br>CPX-CMXX to affected products.</p>
</blockquote>
<p>Unauthenticated access to critical webpage functions (e.g. reboot) may cause a denial of service of the device.</p><h4>Impact</h4><p>CPX-CEC-C1 and CPX-CMXX allow unauthenticated access to critical webpage functions (e.g. reboot) which may cause a denial of service of the device</p><h4>Solution</h4><p><b>Remediation</b></p>
<p>Currently no fix is planned.</p>
<p>Replace <strong>CPX-CEC-C1</strong> with follow-up product<strong> CPX-CEC-C1-V3</strong>.</p>
<p>Replace <strong>CPX-CMXX</strong> with follow up product <strong>CPX-CEC-M1-V3</strong>.</p>
<p><strong>General recommendations</strong></p>
<p>As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks</li>
<li>Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul>
<p></p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.<br>For a secure operation follow the recommendations in the product manuals.</p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-036/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-036/</a>
Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system2022-07-18T10:00:00+00:002022-07-18T09:19:48+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-027/<h4>VDE-2022-027</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>574415</td><td>Controller CECC-D</td><td> = R07 (07.06.2021) = 2.4.2.0</td></tr><tr><td>574418</td><td>Controller CECC-LK</td><td> = R07 (07.06.2021) = 2.4.2.0</td></tr><tr><td>574416</td><td>Controller CECC-S</td><td> = R07 (07.06.2021) = 2.4.2.0</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2019-5105: 7.5 (CVSS:3.1)<br>⠀CVE-2021-29241: 7.5 (CVSS:3.1)<br>⠀CVE-2021-29242: 7.3 (CVSS:3.1)<br>⠀CVE-2022-22519: 7.5 (CVSS:3.1)<br>⠀CVE-2022-22517: 7.5 (CVSS:3.1)<br>⠀CVE-2022-22515: 8.1 (CVSS:3.1)<br>⠀CVE-2022-22514: 7.1 (CVSS:3.1)<br>⠀CVE-2022-22513: 6.5 (CVSS:3.1)<br>⠀CVE-2021-36763: 7.5 (CVSS:3.1)<br>⠀CVE-2021-33485: 9.8 (CVSS:3.1)<br>⠀CVE-2020-12068: 6.5 (CVSS:3.1)<br>⠀CVE-2020-10245: 9.8 (CVSS:3.1)<br>⠀CVE-2020-15806: 7.5 (CVSS:3.1)<br>⠀CVE-2019-9011: -1 (CVSS:3.1)<br>⠀CVE-2019-9013: 8.8 (CVSS:3.0)<br>⠀CVE-2020-12067: -1 (CVSS:3.1)<br>⠀CVE-2020-12069: -1 (CVSS:3.1)<br>⠀CVE-2021-36764: 7.5 (CVSS:3.1)<br><h4>Summary</h4><p>The Festo controller CECC product family in firmware version 2.4.2.0 is affected by multiple vulnerabilities in the CODESYS V3 runtime.</p><h4>Impact</h4><p>By using the listed vulnerabilities an unauthorized remote attacker may gain full access to the devices or make them unavailable.</p><h4>Solution</h4><p><strong>Remediation</strong></p>
<p>No fix planned. This issue will be handled with next hardware generation release.<br><br></p>
<p><strong>General recommendations</strong></p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.<br>Festo also highly recommends to apply available firmware updates containig security related changes as soon as possible.<br>For a secure operation follow the recommendations in the product manuals.<br>Until Festo provides a firmware-update with CODESYS runtime patching the vulnerabilities general recommendation is to:</p>
<ol>
<li>Do not use the Codesys Web server of the Web-visualization.</li>
<li>The access to a PLC with an active webserver should be restricted on network level to participants for whom it is strictly necessary. Also, the PLC should never be exposed to the internet. Assist IT staff to block access (from outside of company network or from outside of virtual network assigned to machines) to PLC through existing network equipment (routers, firewalls etc) by blocking specific ports and protocols (UDP, TCP).</li>
<li>PLC with WEB server active shall only include visualization screens in the application that are intended for being accessed by operators of the CODESYS WebVisu and the CODESYS Remote TargetVisu.</li>
<li>Activation of the Codesys device user management and visualization user management if Web visualization is used.
<ul>
<li>With the activation of the user management on the device any online service requires an appropriate authentication. It is highly recommended to setup at least one administrator user. Moreover, a set of users belonging to the appropriate groups allow maintaining leveled access rights.</li>
<li>Use the protection of the user management in the CODESYS visualization not only for the navigation elements but also for all elements that should be restricted to certain operators only.</li>
</ul>
</li>
</ol>
<p>As part of a security strategy, Festo supports the CODESYS GmbH recommended following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul>
<p>For more information and general recommendations for protecting machines and plants, see also the CODESYS Security Whitepaper: <a href="https://customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf">customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf</a></p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-027/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-027/</a>
Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system2022-07-18T10:00:00+00:002022-07-18T09:19:34+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-022/<h4>VDE-2022-022</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>574415</td><td>Controller CECC-D</td><td> = R05 (17.06.2016) = 2.3.8.0</td></tr><tr><td>574415</td><td>Controller CECC-D</td><td> = R06 (11.10.2016) = 2.3.8.1</td></tr><tr><td>574418</td><td>Controller CECC-LK</td><td> = R05 (17.06.2016) = 2.3.8.0</td></tr><tr><td>574418</td><td>Controller CECC-LK</td><td> = R06 (11.10.2016) = 2.3.8.1</td></tr><tr><td>574416</td><td>Controller CECC-S</td><td> = R05 (17.06.2016) = 2.3.8.0</td></tr><tr><td>574416</td><td>Controller CECC-S</td><td> = R06 (11.10.2016) = 2.3.8.1</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2020-12069: -1 (CVSS:3.1)<br>⠀CVE-2020-15806: 7.5 (CVSS:3.1)<br>⠀CVE-2010-5250: 6.9 (CVSS:2.0)<br>⠀CVE-2018-0739: 6.5 (CVSS:3.0)<br>⠀CVE-2018-20025: 7.5 (CVSS:3.0)<br>⠀CVE-2019-9011: -1 (CVSS:3.1)<br>⠀CVE-2018-20026: 7.5 (CVSS:3.0)<br>⠀CVE-2019-13532: 7.5 (CVSS:3.1)<br>⠀CVE-2019-13542: 6.5 (CVSS:3.1)<br>⠀CVE-2019-13548: 9.8 (CVSS:3.1)<br>⠀CVE-2019-18858: 9.8 (CVSS:3.1)<br>⠀CVE-2019-9008: 8.8 (CVSS:3.1)<br>⠀CVE-2020-10245: 9.8 (CVSS:3.1)<br>⠀CVE-2020-12068: 6.5 (CVSS:3.1)<br>⠀CVE-2017-3735: 5.3 (CVSS:3.0)<br>⠀CVE-2021-33485: 9.8 (CVSS:3.1)<br>⠀CVE-2021-36763: 7.5 (CVSS:3.1)<br>⠀CVE-2022-22513: 6.5 (CVSS:3.1)<br>⠀CVE-2022-22514: 7.1 (CVSS:3.1)<br>⠀CVE-2022-22515: 8.1 (CVSS:3.1)<br>⠀CVE-2022-22517: 7.5 (CVSS:3.1)<br>⠀CVE-2022-22519: 7.5 (CVSS:3.1)<br>⠀CVE-2021-29241: 7.5 (CVSS:3.1)<br>⠀CVE-2020-7052: 6.5 (CVSS:3.1)<br>⠀CVE-2019-5105: 7.5 (CVSS:3.1)<br>⠀CVE-2021-29242: 7.3 (CVSS:3.1)<br>⠀CVE-2019-9012: 7.5 (CVSS:3.0)<br>⠀CVE-2019-9010: 9.8 (CVSS:3.0)<br>⠀CVE-2019-9009: 7.5 (CVSS:3.1)<br>⠀CVE-2018-10612: 9.8 (CVSS:3.0)<br>⠀CVE-2020-12067: -1 (CVSS:3.1)<br>⠀CVE-2019-9013: 8.8 (CVSS:3.0)<br>⠀CVE-2021-36764: 7.5 (CVSS:3.1)<br><h4>Summary</h4><p>The Festo controller CECC product family is affected by multiple vulnerabilities in the CODESYS V3 runtime.</p><h4>Impact</h4><p>By using the listed vulnerabilities an remote attacker with low privileges may gain full access to the devices or make them unavailable.</p><h4>Solution</h4><p>For CVE-2010-5250, CVE-2017-3735, CVE-2018-0739, CVE-2018-10612, CVE-2018-20025, CVE-2018-20026, CVE-2019-13532, CVE-2019-13542, CVE-2019-13548, CVE-2019-18858, CVE-2019-9008, CVE-2019-9009, CVE-2019-9010, CVE-2019-9012, CVE-2020-7052: <strong>Update to version 2.4.2.0. </strong>This also fixes CODESYS Advisory 2017-01, CODESYS Advisory 2017-03, CODESYS Advisory 2017-06, CODESYS Advisory 2017-07, CODESYS Advisory 2017-09, CODESYS Advisory 2018-04, CODESYS Advisory 2018-05, CODESYS Advisory 2018-07, CODESYS Advisory 2018-11.</p>
<p>For CVE-2019-5105, CVE-2019-9011, CVE-2019-9013, CVE-2020-10245, CVE-2020-12067, CVE-2020-12068, CVE-2020-12069, CVE-2020-15806, CVE-2021-29241, CVE-2021-29242, CVE-2021-33485, CVE-2021-36763, CVE-2021-36764, CVE-2022-22513, CVE-2022-22514, CVE-2022-22515, CVE-2022-22517, CVE-2022-22519: <strong>No fix planned. This issue will be handled with next hardware generation release.</strong><br><strong></strong></p>
<p><strong></strong></p>
<p><strong>General recommendations</strong></p>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. Festo also highly recommends to apply available firmware updates containig security related changes as soon as possible. For a secure operation follow the recommendations in the product manuals.<br>Until Festo provides a firmware-update with CODESYS runtime patching the vulnerabilities general recommendation is to:</p>
<ol>
<li>Do not use the Codesys Web server of the Web-visualization.</li>
<li>The access to a PLC with an active webserver should be restricted on network level to participants for whom it is strictly necessary. Also, the PLC should never be exposed to the internet. Assist IT staff to block access (from outside of company network or from outside of virtual network assigned to machines) to PLC through existing network equipment (routers, firewalls etc) by blocking specific ports and protocols (UDP, TCP).</li>
<li>PLC with WEB server active shall only include visualization screens in the application that are intended for being accessed by operators of the CODESYS WebVisu and the CODESYS Remote TargetVisu.</li>
<li>Activation of the Codesys device user management and visualization user management if Web visualization is used.
<ul>
<li>With the activation of the user management on the device any online service requires an appropriate authentication. It is highly recommended to setup at least one administrator user. Moreover, a set of users belonging to the appropriate groups allow maintaining leveled access rights.</li>
<li>Use the protection of the user management in the CODESYS visualization not only for the navigation elements but also for all elements that should be restricted to certain operators only.</li>
</ul>
</li>
</ol>
<p>As part of a security strategy, Festo supports the CODESYS GmbH recommended following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul>
<p>For more information and general recommendations for protecting machines and plants, see also the CODESYS Security Whitepaper: <a href="https://customers.codesys.com/fileadmin/data/customers/ security/CODESYS-Security-Whitepaper.pdf">customers.codesys.com/fileadmin/data/customers/ security/CODESYS-Security-Whitepaper.pdf</a></p><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-022/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-022/</a>
Festo: CECC-X-M1 - command injection vulnerabilities (Update A)2022-07-06T07:00:00+00:002022-07-06T07:23:59+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2022-020/<h4>VDE-2022-020</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>8124922</td><td>Controller CECC-X-M1</td><td> = 4.0.14</td></tr><tr><td>4407603</td><td>Controller CECC-X-M1</td><td> <= 3.8.14</td></tr><tr><td>4407605</td><td>Controller CECC-X-M1-MV</td><td> <= 3.8.14</td></tr><tr><td>8124923</td><td>Controller CECC-X-M1-MV</td><td> = 4.0.14</td></tr><tr><td>8124924</td><td>Controller CECC-X-M1-MV-S1</td><td> = 4.0.14</td></tr><tr><td>4407606</td><td>Controller CECC-X-M1-MV-S1</td><td> <= 3.8.14</td></tr><tr><td>8082793</td><td>Controller CECC-X-M1-YS-L1</td><td> <= 3.8.14</td></tr><tr><td>8082794</td><td>Controller CECC-X-M1-YS-L2</td><td> <= 3.8.14</td></tr><tr><td>4803891</td><td>Controller CECC-X-M1-Y-YJKP</td><td> <= 3.8.14</td></tr><tr><td>8077950</td><td>Servo Press Kit YJKP</td><td> <= 3.8.14</td></tr><tr><td>8058596</td><td>Servo Press Kit YJKP-</td><td> <= 3.8.14</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2022-30311: 9.8 (CVSS:3.1)<br>⠀CVE-2022-30310: 9.8 (CVSS:3.1)<br>⠀CVE-2022-30309: 9.8 (CVSS:3.1)<br>⠀CVE-2022-30308: 9.8 (CVSS:3.1)<br><h4>Summary</h4><p>The Festo controller CECC-X-M1 product family in multiple versions are affected by a preauthentication command injection vulnerability.</p>
<p><strong>Update A</strong>, 2022-07-05</p>
<p>Remediation has been updated. Fixed firmwares are now available.</p><h4>Impact</h4><p>Any person who is able to gain access to the webserver would be able to run arbitrary system commands on the device with root privileges.</p><h4>Solution</h4><p><strong>General recommendation</strong></p>
<p>Currently, Festo has not identified any specific workarounds for this vulnerability. As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:</p>
<ul>
<li>Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside</li>
<li>Use firewalls to protect and separate the control system network from other networks</li>
<li>Use VPN (Virtual Private Networks) tunnels if remote access is required</li>
<li>Activate and apply user management and password features</li>
<li>Use encrypted communication links</li>
<li>Limit the access to both development and control system by physical means, operating system features, etc.</li>
<li>Protect both development and control system by using up to date virus detecting solutions</li>
</ul>
<p>Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. For a secure operation follow the recommendations in the product manuals.</p>
<p><strong>Remediation</strong></p>
<p></p>
<p>Please update to firmware versions as described below:</p>
<table height="531" width="558">
<tbody>
<tr>
<td><strong>Product</strong></td>
<td><strong>Product Details</strong></td>
<td><strong>Fixed in version</strong></td>
</tr>
<tr>
<td>Controller CECC-X-M1</td>
<td>Festo:Partnumber:4407603<br>Festo:Ordercode:CECC-X-M1</td>
<td>>= 3.8.18</td>
</tr>
<tr>
<td>Controller CECC-X-M1</td>
<td>Festo:Partnumber:8124922<br>Festo:Ordercode:CECC-X-M1</td>
<td>>= 4.0.18</td>
</tr>
<tr>
<td>Controller CECC-X-M1-MV</td>
<td>Festo:Partnumber:4407605<br>Festo:Ordercode:CECC-X-M1-<br>MV</td>
<td>>= 3.8.18</td>
</tr>
<tr>
<td>Controller CECC-X-M1-MV</td>
<td>Festo:Partnumber:8124923<br>Festo:Ordercode:CECC-X-M1-<br>MV</td>
<td><span>>= 4.0.18</span></td>
</tr>
<tr>
<td>Controller CECC-X-M1-MVS1</td>
<td>Festo:Partnumber:4407606<br>Festo:Ordercode:CECC-X-M1-<br>MV-S1</td>
<td><span>>= 3.8.18</span></td>
</tr>
<tr>
<td>Controller CECC-X-M1-MVS1</td>
<td>Festo:Partnumber:8124924<br>Festo:Ordercode:CECC-X-M1-<br>MV-S1</td>
<td><span>>= 4.0.18</span></td>
</tr>
<tr>
<td>Controller CECC-X-M1-YYJKP</td>
<td>Festo:Partnumber:4803891<br>Festo:Ordercode:CECC-X-M1-YYJKP</td>
<td><span>>= 3.8.18</span></td>
</tr>
<tr>
<td>Controller CECC-X-M1-YSL1</td>
<td>Festo:Partnumber:8082793<br>Festo:Ordercode:CECC-X-M1-<br>YS-L1</td>
<td><span>>= 3.8.18</span></td>
</tr>
<tr>
<td>Controller CECC-X-M1-YSL2</td>
<td>Festo:Partnumber:8082794<br>Festo:Ordercode:CECC-X-M1-<br>YS-L2</td>
<td><span>>= 3.8.18</span></td>
</tr>
<tr>
<td>Servo Press Kit YJKP</td>
<td>Festo:Partnumber:8077950<br>Festo:Ordercode:YJKP</td>
<td><span>>= 3.8.18</span></td>
</tr>
<tr>
<td>Servo Press Kit YJKP-</td>
<td>Festo:Partnumber:8058596<br>Festo:Ordercode:YJKP</td>
<td><span>>= 3.8.18</span></td>
</tr>
</tbody>
</table><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2022-020/" target=_new>https://cert.vde.com/de/advisories/VDE-2022-020/</a>
Festo SE: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q2021-09-28T11:13:47+00:002021-09-28T11:13:47+00:00CERTVDEhttps://cert.vde.com/de/advisories/author/certuser/https://cert.vde.com/de/advisories/VDE-2021-045/<h4>VDE-2021-045</h4>
<h4>Vendor(s)</h4>Festo SE & Co. KG<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td>541399</td><td>SBOC-Q-R1B</td><td> all versions</td></tr><tr><td>569771</td><td>SBOC-Q-R1B-S1</td><td> all versions</td></tr><tr><td>548317</td><td>SBOC-Q-R1C</td><td> all versions</td></tr><tr><td>569774</td><td>SBOC-Q-R1C-S1</td><td> all versions</td></tr><tr><td>551021</td><td>SBOC-Q-R2B</td><td> all versions</td></tr><tr><td>569772</td><td>SBOC-Q-R2B-S1</td><td> all versions</td></tr><tr><td>551022</td><td>SBOC-Q-R2C</td><td> all versions</td></tr><tr><td>555841</td><td>SBOC-Q-R3B-WB</td><td> all versions</td></tr><tr><td>569777</td><td>SBOC-Q-R3B-WB-S1</td><td> all versions</td></tr><tr><td>555842</td><td>SBOC-Q-R3C-WB</td><td> all versions</td></tr><tr><td>569778</td><td>SBOC-Q-R3C-WB-S1</td><td> all versions</td></tr><tr><td>541396</td><td>SBOI-Q-R1B</td><td> all versions</td></tr><tr><td>569773</td><td>SBOI-Q-R1B-S1</td><td> all versions</td></tr><tr><td>548316</td><td>SBOI-Q-R1C</td><td> all versions</td></tr><tr><td>569776</td><td>SBOI-Q-R1C-S1</td><td> all versions</td></tr><tr><td>555839</td><td>SBOI-Q-R3B-WB</td><td> all versions</td></tr><tr><td>569779</td><td>SBOI-Q-R3B-WB-S1</td><td> all versions</td></tr><tr><td>555840</td><td>SBOI-Q-R3C-WB</td><td> all versions</td></tr><tr><td>569780</td><td>SBOI-Q-R3C-WB-S1</td><td> all versions</td></tr><tr><td>8067301</td><td>SBRD-Q</td><td> all versions</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2021-27478: 7.5 (CVSS:3.1)<br>⠀CVE-2021-27482: 7.5 (CVSS:3.1)<br>⠀CVE-2021-27500: 7.5 (CVSS:3.1)<br>⠀CVE-2021-27498: 7.5 (CVSS:3.1)<br><h4>Summary</h4><p>The affected product families are cameras SBOC/SBOI and the Controller SBRD. The vulnerabilities are located within the Ethernet IP Stack from EIPStackGroup OpENer Ethernet/IP.</p><h4>Impact</h4><p>Please consult the CVEs listed above and <a href="https://us-cert.cisa.gov/ics/advisories/icsa-21-105-02" target="_blank">ICSA-21-105-02</a>.</p><h4>Solution</h4><p>There is no fix planned.</p>
<p><strong>Mitigation</strong></p>
<ul>
<li>Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.</li>
<li>
<div dir="auto">Deactivate EtherNet/IP in device settings if not used</div>
</li>
</ul><p><h4>URL</h4><a href="https://cert.vde.com/de/advisories/VDE-2021-045/" target=_new>https://cert.vde.com/de/advisories/VDE-2021-045/</a>