PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-32136 CODESYS CVE debrief

CVE-2022-32136 is a medium-severity denial-of-service issue affecting multiple CODESYS products as distributed with Festo Automation Suite. A low-privileged remote attacker can craft a request that triggers a read from an uninitialized pointer; no user interaction is required. The advisory recommends moving to patched CODESYS releases and keeping Festo Automation Suite components updated.

Vendor: CODESYS
Product: FESTO
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-26
Original CVE updated: 2026-03-17
Advisory published: 2026-02-26
Advisory updated: 2026-03-17

Who should care

Organizations running Festo Automation Suite deployments that include CODESYS components, especially OT/ICS teams, plant engineers, and patch-management staff responsible for industrial automation workstations and associated software maintenance.

Technical summary

The advisory describes a network-accessible flaw where a low-privileged remote attacker can send a crafted request that causes a read access to an uninitialized pointer, leading to denial of service. The supplied CVSS vector is AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, which encodes an availability-only impact (C:N/I:N/A:H) with no user interaction required (UI:N) and no change of scope. The affected configurations listed in the source include Festo Automation Suite versions below 2.8.0.138 and specific bundle combinations with CODESYS Development System 3.0, 3.5.16.10, and 3.5.21.20.

Defensive priority

Medium. The issue is remotely reachable, requires only low privileges, and can interrupt availability in industrial software, but the supplied source describes denial-of-service rather than code execution or data loss.

Recommended defensive actions

  • Update Festo Automation Suite to version 2.8.0.138 or later, as identified in the advisory.
  • Install the latest patched CODESYS release directly from the official CODESYS website.
  • Follow the CODESYS installation and update instructions so security fixes are applied correctly.
  • Keep monitoring CODESYS and Festo security advisories and apply updates promptly.
  • Maintain the Festo Automation Suite connector at the latest released version from Festo.

Evidence notes

The primary evidence is CISA advisory ICSA-26-076-01, which republishes the Festo advisory FSA-202601 and states that a low-privileged remote attacker can trigger a read access to an uninitialized pointer, causing denial-of-service without user interaction. The source metadata lists affected Festo Automation Suite and CODESYS bundle combinations and provides the remediation to update to Festo Automation Suite 2.8.0.138 or later and install patched CODESYS versions. The CVE.org and NVD links are included as official record and database references in the source corpus.

Official resources

CISA published the advisory source on 2026-02-26 and republished it on 2026-03-17. The source metadata identifies the advisory as ICSA-26-076-01 and ties it to the Festo advisory FSA-202601; this debrief uses those advisory dates and the CV