CVE-2023-3634
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Festo | MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD | * | affected |
| Festo | MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L5-AGD | * | affected |
| Festo | MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L4-MQ1-AGD | * | affected |
| Festo | MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L5-MQ1-AGD | * | affected |
| Festo | MSE6-C2M-5000-FB44-D-M-RG-BAR-AMI-AGD | * | affected |
| Festo | MSE6-C2M-5000-FB44-D-RG-BAR-AMI-AGD | * | affected |
| Festo | MSE6-D2M-5000-CBUS-S-RG-BAR-VCB-AGD | * | affected |
| Festo | MSE6-E2M-5000-FB13-AGD | * | affected |
| Festo | MSE6-E2M-5000-FB36-AGD | * | affected |
| Festo | MSE6-E2M-5000-FB37-AGD | * | affected |
| Festo | MSE6-E2M-5000-FB43-AGD | * | affected |
| Festo | MSE6-E2M-5000-FB44-AGD | * | affected |
Weaknesses
- CWE-1242: CWE-1242 Inclusion of Undocumented Features or Chicken Bits
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://certvde.com/de/advisories/VDE-2023-020/
- https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2023/fsa-202304.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.