CVE-2022-3270
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Festo SE | Bus module CPX-E-EP | all | affected |
| Festo SE | Bus node CPX-FB32 | all | affected |
| Festo SE | Bus node CPX-FB33 | all | affected |
| Festo SE | Bus node CPX-FB36 | all | affected |
| Festo SE | Bus node CPX-FB37 | all | affected |
| Festo SE | Bus node CPX-FB39 | all | affected |
| Festo SE | Bus node CPX-FB40 | all | affected |
| Festo SE | Bus node CPX-FB43 | all | affected |
| Festo SE | Bus node CPX-M-FB34 | all | affected |
| Festo SE | Bus node CPX-M-FB35 | all | affected |
| Festo SE | Bus node CPX-M-FB44 | all | affected |
| Festo SE | Bus node CPX-M-FB45 | all | affected |
| Festo SE | Bus node CTEU-EP | all | affected |
| Festo SE | Bus node CTEU-PN | all | affected |
| Festo SE | Bus node CTEU-PN-EX1C | all | affected |
| Festo SE | Camera system CHB-C-N | all | affected |
| Festo SE | Compact Vision System SBO*-C-* | all | affected |
| Festo SE | Compact Vision System SBO*-M-* | all | affected |
| Festo SE | Compact Vision System SBO*-Q-* | all | affected |
| Festo SE | Control block CPX-CEC | all | affected |
| Festo SE | Control block CPX-CEC-C1 | all | affected |
| Festo SE | Control block CPX-CEC-C1-V3 | all | affected |
| Festo SE | Control block CPX-CEC-M1 | all | affected |
| Festo SE | Control block CPX-CEC-M1-V3 | all | affected |
| Festo SE | Control block CPX-CEC-S1-V3 | all | affected |
| Festo SE | Control block CPX-CMXX | all | affected |
| Festo SE | Control block CPX-CMXX | all | affected |
| Festo SE | Control block CPX-FEC-1-IE | all | affected |
| Festo SE | Controller CECC-D | all | affected |
| Festo SE | Controller CECC-D-BA | all | affected |
| Festo SE | Controller CECC-LK | all | affected |
| Festo SE | Controller CECC-S | all | affected |
| Festo SE | Controller CECC-X-* | all | affected |
| Festo SE | Controller CECX-X-C1 | all | affected |
| Festo SE | Controller CECX-X-M1 | all | affected |
| Festo SE | Controller CMXH-ST2-C5-7-DIOP | all | affected |
| Festo SE | Controller CPX-E-CEC-* | all | affected |
| Festo SE | Controller SBRD-Q | all | affected |
| Festo SE | EtherNet/IP interface CPX-AP-I-EP-M12 | all | affected |
| Festo SE | EtherNet/IP interface CPX-AP-I-PN-M12 | all | affected |
| Festo SE | Gateway CPX-IOT | all | affected |
| Festo SE | Integrated drive EMCA-EC-67-* | all | affected |
| Festo SE | Motor controller CMMO-ST-C5-1-DION | all | affected |
| Festo SE | Motor controller CMMO-ST-C5-1-DIOP | all | affected |
| Festo SE | Motor controller CMMO-ST-C5-1-LKP | all | affected |
| Festo SE | Motor controller CMMP-AS-* | all | affected |
| Festo SE | Motor controller CMMT-AS-* | all | affected |
| Festo SE | Operator unit CDPX-X-A-S-10 | all | affected |
| Festo SE | Operator unit CDPX-X-A-W-13 | all | affected |
| Festo SE | Operator unit CDPX-X-A-W-4 | all | affected |
| Festo SE | Operator unit CDPX-X-A-W-7 | all | affected |
| Festo SE | Planar surface gantry EXCM-* | all | affected |
| Festo SE | Servo drive CMMT-ST-C8-1C-EP-S0 | all | affected |
| Festo SE | Servo drive CMMT-ST-C8-1C-PN-S0 | all | affected |
| Festo SE | VTEM-S1-* | all | affected |
| Festo SE | Bus module CPX-E-PN | all | affected |
Weaknesses
- CWE-1059: CWE-1059 Incomplete Documentation
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.