CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
82.1%
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
3s-software | codesys_runtime_system | - | cpe:2.3:a:3s-software:codesys_runtime_system:-:*:*:*:*:*:*:* |
festo | cecx-x-c1_modular_master_controller | - | cpe:2.3:h:festo:cecx-x-c1_modular_master_controller:-:*:*:*:*:*:*:* |
softmotion3d | softmotion | - | cpe:2.3:a:softmotion3d:softmotion:-:*:*:*:*:*:*:* |
festo | cecx-x-m1_modular_controller | - | cpe:2.3:h:festo:cecx-x-m1_modular_controller:-:*:*:*:*:*:*:* |