Festo: >> Controller Cecc-S Security Vulnerabilities
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-26
In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-12-01