CVE-2022-3270: VDE-2022-041 | CERT@VDE

2022-11-29 12:49 (CET) VDE-2022-041

Festo: Incomplete documentation of remote accessible functions and protocols in Festo products
Share: Email | Twitter

Published

2022-11-29 12:49 (CET)

Last update

2022-11-29 12:49 (CET)

Vendor(s)

Festo SE & Co. KG

Product(s)

Article No°

Product Name

Affected Version(s)

4080499

Bus module CPX-E-EP

= All Versions

541302

Bus node CPX-FB32

= All Versions

548755

Bus node CPX-FB33

= All Versions

1912451

Bus node CPX-FB36

= All Versions

2735960

Bus node CPX-FB37

= All Versions

2093101

Bus node CPX-FB39

= All Versions

2474896

Bus node CPX-FB40

= All Versions

8110369

Bus node CPX-FB43

= All Versions

548751

Bus node CPX-M-FB34

= All Versions

548749

Bus node CPX-M-FB35

= All Versions

8110370

Bus node CPX-M-FB44

= All Versions

8110371

Bus node CPX-M-FB45

= All Versions

2798071

Bus node CTEU-EP

= All Versions

2201471

Bus node CTEU-PN

= All Versions

8107589

Bus node CTEU-PN-EX1C

= All Versions

3501040

Camera system CHB-C-N

= All Versions

Compact Vision System SBO*-C-*

= All Versions

Compact Vision System SBO*-M-*

= All Versions

Compact Vision System SBO*-Q-*

= All Versions

Control block CPX-CEC

= All Versions

Control block CPX-CEC-C1

= All Versions

Control block CPX-CEC-C1-V3

= All Versions

Control block CPX-CEC-M1

= All Versions

Control block CPX-CEC-M1-V3

= All Versions

Control block CPX-CEC-S1-V3

= All Versions

555668

Control block CPX-CMXX

= All Versions

555667

Control block CPX-CMXX

= All Versions

529041

Control block CPX-FEC-1-IE

= All Versions

Controller CECC-D

= All Versions

Controller CECC-D-BA

= All Versions

Controller CECC-LK

= All Versions

Controller CECC-S

= All Versions

Controller CECC-X-*

= All Versions

553852

Controller CECX-X-C1

= All Versions

553853

Controller CECX-X-M1

= All Versions

3605478

Controller CMXH-ST2-C5-7-DIOP

= All Versions

Controller CPX-E-CEC-*

= All Versions

8067301

Controller SBRD-Q

= All Versions

8086610

EtherNet/IP interface CPX-AP-I-EP-M12

= All Versions

8086607

EtherNet/IP interface CPX-AP-I-PN-M12

= All Versions

8069773

Gateway CPX-IOT

= All Versions

Integrated drive EMCA-EC-67-*

= All Versions

Motor controller CMMO-ST-C5-1-DION

= All Versions

Motor controller CMMO-ST-C5-1-DIOP

= All Versions

Motor controller CMMO-ST-C5-1-LKP

= All Versions

Motor controller CMMP-AS-*

= All Versions

Motor controller CMMT-AS-*

= All Versions

Operator unit CDPX-X-A-S-10

= All Versions

Operator unit CDPX-X-A-W-13

= All Versions

Operator unit CDPX-X-A-W-4

= All Versions

Operator unit CDPX-X-A-W-7

= All Versions

Planar surface gantry EXCM-*

= All Versions

8084006

Servo drive CMMT-ST-C8-1C-EP-S0

= All Versions

8084004

Servo drive CMMT-ST-C8-1C-PN-S0

= All Versions

8047502

VTEM-S1-*

= All Versions

Summary

Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent.

CVE ID

Last Update:

Nov. 29, 2022, 12:47 p.m.

Severity

Weakness

Summary

In multiple products by Festo a remote unauthenticated attacker could use functions of undocumented protocols which could lead to a complete loss of confidentiality, integrity and availability.

Details

Impact

Please consult the CVE details above.

Solution

Mitigation

Update of technical user manual documentation in next product version.

Additionally, please refer to the following Recommendations

Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN.

Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. For a secure operation follow the recommendations in the product manuals and note the protocols and their supported features in Festo Field Device Tool or Festo Automation Suite online help.

As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside

- Use firewalls to protect and separate the control system network from other networks

- Use VPN (Virtual Private Networks) tunnels if remote access is required

- Activate and apply user management and password features

- Use encrypted communication links

- Limit the access to both development and control system by physical means, operating system features, etc.

- Protect both development and control system by using up to date virus detecting solutions

Reported by

CERT@VDE coordinated with Festo SE & Co. KG.
Daniel dos Santos, Rob Hulsebos from Forescout for reporting to Festo SE & Co. KG.