Zurück zur Übersicht

Festo: Incomplete documentation of remote accessible functions and protocols in Festo products

VDE-2022-041
Last update
03.11.2025 11:00
Published at
29.11.2022 12:49
Vendor(s)
Festo SE & Co. KG
External ID
FSA-202209
CSAF Document
Download

Summary

Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent.
Update A, 2022-12-13
Added affected device "Bus module CPX-E-PN, 4080497"

Impact

Please consult the CVE details above.

Affected Product(s)

Model no. Product name Affected versions
4080499 Bus module CPX-E-EP Firmware vers:all/*
4080497 Bus module CPX-E-PN Firmware vers:all/*
541302 Bus node CPX-FB32 Firmware vers:all/*
548755 Bus node CPX-FB33 Firmware vers:all/*
1912451 Bus node CPX-FB36 Firmware vers:all/*
2735960 Bus node CPX-FB37 Firmware vers:all/*
2093101 Bus node CPX-FB39 Firmware vers:all/*
2474896 Bus node CPX-FB40 Firmware vers:all/*
8110369 Bus node CPX-FB43 Firmware vers:all/*
548751 Bus node CPX-M-FB34 Firmware vers:all/*
548749 Bus node CPX-M-FB35 Firmware vers:all/*
8110370 Bus node CPX-M-FB44 Firmware vers:all/*
8110371 Bus node CPX-M-FB45 Firmware vers:all/*
2798071 Bus node CTEU-EP Firmware vers:all/*
2201471 Bus node CTEU-PN Firmware vers:all/*
8107589 Bus node CTEU-PN-EX1C Firmware vers:all/*
3501040 Camera system CHB-C-N Firmware vers:all/*
Compact Vision System SBO*-C-* Firmware vers:all/*
Compact Vision System SBO*-M-* Firmware vers:all/*
Compact Vision System SBO*-Q-* Firmware vers:all/*
Control block CPX-CEC Firmware vers:all/*
Control block CPX-CEC-C1 Firmware vers:all/*
Control block CPX-CEC-C1-V3 Firmware vers:all/*
Control block CPX-CEC-M1 Firmware vers:all/*
Control block CPX-CEC-M1-V3 Firmware vers:all/*
Control block CPX-CEC-S1-V3 Firmware vers:all/*
555667, 555668 Control block CPX-CMXX Firmware vers:all/*
529041 Control block CPX-FEC-1-IE Firmware vers:all/*
Controller CECC-D Firmware vers:all/*
Controller CECC-D-BA Firmware vers:all/*
Controller CECC-LK Firmware vers:all/*
Controller CECC-S Firmware vers:all/*
Controller CECC-X-* Firmware vers:all/*
553852 Controller CECX-X-C1 Firmware vers:all/*
553853 Controller CECX-X-M1 Firmware vers:all/*
3605478 Controller CMXH-ST2-C5-7-DIOP Firmware vers:all/*
Controller CPX-E-CEC-* Firmware vers:all/*
8067301 Controller SBRD-Q Firmware vers:all/*
8086610 EtherNet/IP interface CPX-AP-I-EP-M12 Firmware vers:all/*
8086607 EtherNet/IP interface CPX-AP-I-PN-M12 Firmware vers:all/*
8069773 Gateway CPX-IOT Firmware vers:all/*
Integrated drive EMCA-EC-67-* Firmware vers:all/*
Motor controller CMMO-ST-C5-1-DION Firmware vers:all/*
Motor controller CMMO-ST-C5-1-DIOP Firmware vers:all/*
Motor controller CMMO-ST-C5-1-LKP Firmware vers:all/*
Motor controller CMMP-AS-* Firmware vers:all/*
Motor controller CMMT-AS-* Firmware vers:all/*
Operator unit CDPX-X-A-S-10 Firmware vers:all/*
Operator unit CDPX-X-A-W-13 Firmware vers:all/*
Operator unit CDPX-X-A-W-4 Firmware vers:all/*
Operator unit CDPX-X-A-W-7 Firmware vers:all/*
Planar surface gantry EXCM-* Firmware vers:all/*
8084006 Servo drive CMMT-ST-C8-1C-EP-S0 Firmware vers:all/*
8084004 Servo drive CMMT-ST-C8-1C-PN-S0 Firmware vers:all/*
8047502 VTEM-S1-* Firmware vers:all/*

Vulnerabilities

Expand / Collapse all

Published
04.11.2025 16:18
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Insufficient Technical Documentation (CWE-1059)
Summary

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.

References
cve.org | nvd.nist.gov

Mitigation

Update of technical user manual documentation in next product version.

Acknowledgments

Festo SE & Co. KG thanks the following parties for their efforts:

  • CERT@VDE for coordination and support with this publication (see https://certvde.com )
  • Rob Hulsebos, Daniel dos Santos from Forescout for reporting

Revision History

Version Date Summary
1.0.0 29.11.2022 12:49 Initial revision.
1.1.0 05.12.2022 11:15 added bus module CPX-E-PN as affected product
1.2.0 06.04.2023 12:00 adjusted technical user documentation to user documentation and fixed some typos.
1.2.1 03.11.2025 11:00 Adjust link to VDE Advisory. Change title from "Incomplete User Documentation of Remote Accessible Functions and Protocols in Festo Products" to "Festo: Incomplete documentation of remote accessible functions and protocols in Festo products". Updated legal disclaimer to add references to special provisions.