CVE-2022-3270

Summary

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.

Affected Software

VendorProductVersion RangeStatus
Festo SEBus module CPX-E-EPallaffected
Festo SEBus node CPX-FB32allaffected
Festo SEBus node CPX-FB33allaffected
Festo SEBus node CPX-FB36allaffected
Festo SEBus node CPX-FB37allaffected
Festo SEBus node CPX-FB39allaffected
Festo SEBus node CPX-FB40allaffected
Festo SEBus node CPX-FB43allaffected
Festo SEBus node CPX-M-FB34allaffected
Festo SEBus node CPX-M-FB35allaffected
Festo SEBus node CPX-M-FB44allaffected
Festo SEBus node CPX-M-FB45allaffected
Festo SEBus node CTEU-EPallaffected
Festo SEBus node CTEU-PNallaffected
Festo SEBus node CTEU-PN-EX1Callaffected
Festo SECamera system CHB-C-Nallaffected
Festo SECompact Vision System SBO*-C-*allaffected
Festo SECompact Vision System SBO*-M-*allaffected
Festo SECompact Vision System SBO*-Q-*allaffected
Festo SEControl block CPX-CECallaffected
Festo SEControl block CPX-CEC-C1allaffected
Festo SEControl block CPX-CEC-C1-V3allaffected
Festo SEControl block CPX-CEC-M1allaffected
Festo SEControl block CPX-CEC-M1-V3allaffected
Festo SEControl block CPX-CEC-S1-V3allaffected
Festo SEControl block CPX-CMXXallaffected
Festo SEControl block CPX-CMXXallaffected
Festo SEControl block CPX-FEC-1-IEallaffected
Festo SEController CECC-Dallaffected
Festo SEController CECC-D-BAallaffected
Festo SEController CECC-LKallaffected
Festo SEController CECC-Sallaffected
Festo SEController CECC-X-*allaffected
Festo SEController CECX-X-C1allaffected
Festo SEController CECX-X-M1allaffected
Festo SEController CMXH-ST2-C5-7-DIOPallaffected
Festo SEController CPX-E-CEC-*allaffected
Festo SEController SBRD-Qallaffected
Festo SEEtherNet/IP interface CPX-AP-I-EP-M12allaffected
Festo SEEtherNet/IP interface CPX-AP-I-PN-M12allaffected
Festo SEGateway CPX-IOTallaffected
Festo SEIntegrated drive EMCA-EC-67-*allaffected
Festo SEMotor controller CMMO-ST-C5-1-DIONallaffected
Festo SEMotor controller CMMO-ST-C5-1-DIOPallaffected
Festo SEMotor controller CMMO-ST-C5-1-LKPallaffected
Festo SEMotor controller CMMP-AS-*allaffected
Festo SEMotor controller CMMT-AS-*allaffected
Festo SEOperator unit CDPX-X-A-S-10allaffected
Festo SEOperator unit CDPX-X-A-W-13allaffected
Festo SEOperator unit CDPX-X-A-W-4allaffected
Festo SEOperator unit CDPX-X-A-W-7allaffected
Festo SEPlanar surface gantry EXCM-*allaffected
Festo SEServo drive CMMT-ST-C8-1C-EP-S0allaffected
Festo SEServo drive CMMT-ST-C8-1C-PN-S0allaffected
Festo SEVTEM-S1-*allaffected
Festo SEBus module CPX-E-PNallaffected

Weaknesses

  • CWE-1059: CWE-1059 Incomplete Documentation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References