PatchSiren cyber security CVE debrief
CVE-2022-32140 CODESYS CVE debrief
CVE-2022-32140 describes a buffer overflow in multiple CODESYS products. A remote attacker with low privileges can craft a request that triggers a buffer copy without size checking, resulting in a denial-of-service condition. User interaction is not required. The advisory indicates an availability impact only, with no confidentiality or integrity impact listed.
- Vendor: CODESYS
- Product: FESTO
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-26
- Original CVE updated: 2026-03-17
- Advisory published: 2026-02-26
- Advisory updated: 2026-03-17
Who should care
OT/ICS operators, plant engineers, and administrators using Festo Automation Suite or the CODESYS components named in the advisory should review this issue, especially where service interruption could affect production or safety-related workflows.
Technical summary
The advisory ties the issue to multiple CODESYS products and to Festo Automation Suite deployments that include bundled CODESYS components. The flaw is a bounds-checking failure in a service buffer copy path, allowing a low-privileged network attacker to send a crafted request that can crash or otherwise deny service. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, corresponding to a medium-severity availability-only issue.
Defensive priority
Medium. Prioritize faster action if the affected system is network-reachable or operationally critical, because the published impact is a remote denial of service with no user interaction required.
Recommended defensive actions
- Upgrade Festo Automation Suite to version 2.8.0.138 or later where the bundled CODESYS component is no longer included.
- Install the latest patched CODESYS release directly from the official CODESYS website, following the vendor's installation and update guidance.
- Check whether any listed CODESYS Development System versions or bundled components are present in your environment and inventory them for remediation.
- Monitor official Festo and CODESYS security advisories and apply updates promptly when new fixes are released.
- Limit network exposure to OT services where possible and restrict access to trusted management networks.
- Validate backups, restore procedures, and service recovery plans so a denial-of-service event can be recovered quickly.
Evidence notes
The supplied CISA CSAF source item and advisory metadata identify CVE-2022-32140 as a buffer overflow affecting multiple CODESYS products, with published remediation pointing to Festo Automation Suite 2.8.0.138 and patched CODESYS downloads. The source also shows a CISA republication of the Festo advisory. Vendor attribution in the supplied data is low confidence and should be reviewed, so this debrief intentionally centers on the product and advisory details rather than asserting unsupported vendor ownership.
Official resources
- CVE-2022-32140 CVE record (CVE.org)
- CVE-2022-32140 NVD detail (NVD)
- Source item URL (cisa_csaf)
CVE-2022-32140 was published on 2026-02-26 and modified on 2026-03-17 in the supplied timeline. The source advisory was initially issued on the same date and later republished by CISA on 2026-03-17.