Headline
CVE-2022-3270: VDE-2022-041 | CERT@VDE
In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.
2022-11-29 12:49 (CET) VDE-2022-041
Festo: Incomplete documentation of remote accessible functions and protocols in Festo products
Share: Email | Twitter
Published
2022-11-29 12:49 (CET)
Last update
2022-11-29 12:49 (CET)
Vendor(s)
Festo SE & Co. KG
Product(s)
Article No°
Product Name
Affected Version(s)
4080499
Bus module CPX-E-EP
= All Versions
541302
Bus node CPX-FB32
= All Versions
548755
Bus node CPX-FB33
= All Versions
1912451
Bus node CPX-FB36
= All Versions
2735960
Bus node CPX-FB37
= All Versions
2093101
Bus node CPX-FB39
= All Versions
2474896
Bus node CPX-FB40
= All Versions
8110369
Bus node CPX-FB43
= All Versions
548751
Bus node CPX-M-FB34
= All Versions
548749
Bus node CPX-M-FB35
= All Versions
8110370
Bus node CPX-M-FB44
= All Versions
8110371
Bus node CPX-M-FB45
= All Versions
2798071
Bus node CTEU-EP
= All Versions
2201471
Bus node CTEU-PN
= All Versions
8107589
Bus node CTEU-PN-EX1C
= All Versions
3501040
Camera system CHB-C-N
= All Versions
Compact Vision System SBO*-C-*
= All Versions
Compact Vision System SBO*-M-*
= All Versions
Compact Vision System SBO*-Q-*
= All Versions
Control block CPX-CEC
= All Versions
Control block CPX-CEC-C1
= All Versions
Control block CPX-CEC-C1-V3
= All Versions
Control block CPX-CEC-M1
= All Versions
Control block CPX-CEC-M1-V3
= All Versions
Control block CPX-CEC-S1-V3
= All Versions
555668
Control block CPX-CMXX
= All Versions
555667
Control block CPX-CMXX
= All Versions
529041
Control block CPX-FEC-1-IE
= All Versions
Controller CECC-D
= All Versions
Controller CECC-D-BA
= All Versions
Controller CECC-LK
= All Versions
Controller CECC-S
= All Versions
Controller CECC-X-*
= All Versions
553852
Controller CECX-X-C1
= All Versions
553853
Controller CECX-X-M1
= All Versions
3605478
Controller CMXH-ST2-C5-7-DIOP
= All Versions
Controller CPX-E-CEC-*
= All Versions
8067301
Controller SBRD-Q
= All Versions
8086610
EtherNet/IP interface CPX-AP-I-EP-M12
= All Versions
8086607
EtherNet/IP interface CPX-AP-I-PN-M12
= All Versions
8069773
Gateway CPX-IOT
= All Versions
Integrated drive EMCA-EC-67-*
= All Versions
Motor controller CMMO-ST-C5-1-DION
= All Versions
Motor controller CMMO-ST-C5-1-DIOP
= All Versions
Motor controller CMMO-ST-C5-1-LKP
= All Versions
Motor controller CMMP-AS-*
= All Versions
Motor controller CMMT-AS-*
= All Versions
Operator unit CDPX-X-A-S-10
= All Versions
Operator unit CDPX-X-A-W-13
= All Versions
Operator unit CDPX-X-A-W-4
= All Versions
Operator unit CDPX-X-A-W-7
= All Versions
Planar surface gantry EXCM-*
= All Versions
8084006
Servo drive CMMT-ST-C8-1C-EP-S0
= All Versions
8084004
Servo drive CMMT-ST-C8-1C-PN-S0
= All Versions
8047502
VTEM-S1-*
= All Versions
Summary
Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent.
CVE ID
Last Update:
Nov. 29, 2022, 12:47 p.m.
Severity
Weakness
Summary
In multiple products by Festo a remote unauthenticated attacker could use functions of undocumented protocols which could lead to a complete loss of confidentiality, integrity and availability.
Details
Impact
Please consult the CVE details above.
Solution
Mitigation
Update of technical user manual documentation in next product version.
Additionally, please refer to the following Recommendations
Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN.
Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. For a secure operation follow the recommendations in the product manuals and note the protocols and their supported features in Festo Field Device Tool or Festo Automation Suite online help.
As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
Reported by
CERT@VDE coordinated with Festo SE & Co. KG.
Daniel dos Santos, Rob Hulsebos from Forescout for reporting to Festo SE & Co. KG.
Related news
Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify either an