Rob Hulsebos

**Name of the Vulnerable Software and Affected Versions** Festo products (affected versions not specified) **Description** The issue is related to insufficient technical documentation of Festo products' firmware, which could allow a remote unauthenticated attacker to exploit functions of an undocumented protocol. This could lead to a complete loss of confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Festo control block CPX-CEC-C1 and CPX-CMXX versions (affected versions not specified) **Description** The issue is related to the lack of authentication for a critical function in the web interface of the Festo control block CPX-CEC-C1 and CPX-CMXX. This allows unauthenticated, remote access to critical webpage functions, which may cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.