PT-2014-3831 · Festo+1 · Festo Cecx-X-C1 Modular Master Controller+2
Published
2014-04-25
·
Updated
2025-07-02
·
CVE-2014-0769
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Festo CECX-X-C1 Modular Master Controller with CoDeSys (affected versions not specified)
Festo CECX-X-M1 Modular Controller with CoDeSys (affected versions not specified)
Description
The issue allows remote attackers to modify the configuration or delete log entries without authentication. This can be achieved by sending a request to the debug service on port 4000 or the log service on port 4001.
Recommendations
For Festo CECX-X-C1 Modular Master Controller with CoDeSys, restrict access to the debug service on port 4000 and the log service on port 4001 to minimize the risk of exploitation.
For Festo CECX-X-M1 Modular Controller with CoDeSys, restrict access to the debug service on port 4000 and the log service on port 4001 to minimize the risk of exploitation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Codesys
Festo Cecx-X-C1 Modular Master Controller
Festo Cecx-X-M1 Modular Controller