CVE-2014-0769

Published: Apr 25, 2014

Modified: Jul 2, 2025

PUBLISHED

Description

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.

Vendor	Product	Versions
Festo	CECX-X-C1 Modular Master Controller with CoDeSys	affected `all`
Festo	CECX-X-M1 Modular Controller with CoDeSys and SoftMotion	affected `all`

Weaknesses (CWE)

CWE-287

References

https://www.cisa.gov/news-events/ics-advisories/icsa-14-084-01

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-0769

Description

Affected Products

Weaknesses (CWE)

References