9.8

CVE-2022-3270

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented  protocol which could lead to a complete loss of confidentiality, integrity and availability.

Data is provided by the National Vulnerability Database (NVD)
FestoBus Node Cpx-fb32 Firmware Version-
   FestoBus Node Cpx-fb32 Version-
FestoBus Node Cpx-fb33 Firmware Version-
   FestoBus Node Cpx-fb33 Version-
FestoBus Node Cpx-fb36 Firmware Version-
   FestoBus Node Cpx-fb36 Version-
FestoBus Node Cpx-fb37 Firmware Version-
   FestoBus Node Cpx-fb37 Version-
FestoBus Node Cpx-fb39 Firmware Version-
   FestoBus Node Cpx-fb39 Version-
FestoBus Node Cpx-fb40 Firmware Version-
   FestoBus Node Cpx-fb40 Version-
FestoBus Node Cpx-fb43 Firmware Version-
   FestoBus Node Cpx-fb43 Version-
FestoBus Node Cteu-ep Firmware Version-
   FestoBus Node Cteu-ep Version-
FestoBus Node Cteu-pn Firmware Version-
   FestoBus Node Cteu-pn Version-
FestoController Cecc-d Firmware Version-
   FestoController Cecc-d Version-
FestoController Cecc-lk Firmware Version-
   FestoController Cecc-lk Version-
FestoController Cecc-s Firmware Version-
   FestoController Cecc-s Version-
FestoController Sbrd-q Firmware Version-
   FestoController Sbrd-q Version-
FestoGateway Cpx-iot Firmware Version-
   FestoGateway Cpx-iot Version-
FestoVtem-s1-27 Firmware Version-
   FestoVtem-s1-27 Version-
FestoVtem-s1-c Firmware Version-
   FestoVtem-s1-c Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.44% 0.623
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
info@cert.vde.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-1059 Insufficient Technical Documentation

The product does not contain sufficient technical or engineering documentation (whether on paper or in electronic form) that contains descriptions of all the relevant software/hardware elements of the product, such as its usage, structure, architectural components, interfaces, design, implementation, configuration, operation, etc.