Siemens SIMATIC S7-1200 and S7-1500 CPUs contained in various Festo Didactic products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks



MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These are fixed in newer versions of XAMPP by updating the bundled applications.


MES PCs shipped with Windows 10 include a copy of XAMPP which contains around 140 such vulnerabilities listed in this advisory. They can be fixed by replacing XAMPP with Festo Didactic's Factory Control Panel application.


The vulnerabilities covered by this advisory have a broad range of impacts ranging from denial-ofservice to disclosure or manipulation/deletion of information. Given the intended usage of MES PCs for didactic purposes in controlled lab environments, separate from productive systems, it never comes into contact with sensitive information. Therefore the impact is reduced to limited availability of the system.

Overall, the product is affected by the following CVEs:

CVEs: CVE-2006-20001, CVE-2013-6501, CVE-2014-9705, CVE-2014-9709, CVE-2015-2301, CVE-2015-2348, CVE-2015-2787, CVE-2016-3078, CVE-2016-5385, CVE-2018-12882, CVE-2018-14851, CVE-2018-14883, CVE-2018-17082, CVE-2018-19518, CVE-2018-19935, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9025, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-11044, CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11048, CVE-2019-11049, CVE-2019-11050, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814, CVE-2020-2922, CVE-2020-7059, CVE-2020-7060, CVE-2020-7061, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070, CVE-2020-7071, CVE-2021-2007, CVE-2021-2011, CVE-2021-2022, CVE-2021-2032, CVE-2021-2144, CVE-2021-2154, CVE-2021-2166, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194, CVE-2021-2372, CVE-2021-2389, CVE-2021-21702, CVE-2021-21703, CVE-2021-21704, CVE-2021-21705, CVE-2021-21706, CVE-2021-21707, CVE-2021-21708, CVE-2021-27928, CVE-2021-35604, CVE-2021-46661, CVE-2021-46662, CVE-2021-46663, CVE-2021-46664, CVE-2021-46665, CVE-2021-46666, CVE-2021-46667, CVE-2021-46668, CVE-2021-46669, CVE-2022-4900, CVE-2022-21595, CVE-2022-23807, CVE-2022-23808, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27385, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458, CVE-2022-31625, CVE-2022-31626, CVE-2022-31628, CVE-2022-31629, CVE-2022-32081, CVE-2022-32082, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32086, CVE-2022-32087, CVE-2022-32088, CVE-2022-32089, CVE-2022-32091, CVE-2022-36760, CVE-2022-37436, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662, CVE-2023-25690, CVE-2023-25727, CVE-2023-27522

The vulnerabilities with a critical severity are listed below.



A vulnerability in the Wibu CodeMeter Runtime, which is part of the installation packages of
several Festo products, was found. This could lead to remote code execution and escalation of
privileges giving full admin access on the host system. 

Update A, 2023-12-05

  • removed "MES4 (v3)", "MES4 (<=v2)" and Energy-PC from affected products as they do not install the affected WIBU Codemeter release.



A vulnerability was reported in Siemens TIA Portal. TIA Portal is part of the installation packages of several Festo Didactic products.

TP 260 before June 2023 and MES PC based on DELL XE3 contain a vulnerable versions of TIA Portal V15 to V18.

Affected products of TIA Portal contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system.



A vulnerability in the Video.js package could allow a user of LX Appliance, with a high privilege account (i.e., with the "Teacher" role), to craft a malicious course and launch an XSS attack.



Festo: Several vulnerabilities in FactoryViews

FactoryViews bundles many third-party applications which are used in background processes to provide the software's features. From time to time, vulnerabilities in these bundled applications are discovered. These are typically fixed in newer versions of FactoryViews by updating the bundled applications.

FactoryViews versions up to and including 1.5.2 contain around 200 such vulnerabilities listed in this advisory.
Version 1.6.0 is a security rollup release which includes updates to all bundled applications and fixes these vulnerabilities.

At this time, FactoryViews Lite cannot be updated beyond version 1.1.
FactoryViews 1.7 will unify non-Lite and Lite versions and fix these vulnerabilities for users of FactoryViews Lite.



A vulnerability was reported in WIBU-SYSTEMS CodeMeter Runtime.
WIBU-SYSTEMS CodeMeter Runtime is part of the installation packages of several Festo products.
FluidDraw < 6.2c and CIROS <= 7.0.6 contain a vulnerable version of WIBU-SYSTEMS CodeMeter Runtime.



Feeds

By Vendor

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0