PatchSiren cyber security CVE debrief
CVE-2014-9705 Festo Didactic SE CVE debrief
CVE-2014-9705 describes a heap-based buffer overflow in PHP’s enchant_broker_request_dict function that can let a remote attacker execute arbitrary code through requests that trigger creation of multiple dictionaries. In the supplied CISA CSAF source, the CVE is republished in an advisory for Festo Didactic SE MES PC, with Festo directing users to obtain the current Factory Control Panel version that includes fixes. The practical takeaway is to treat this as an urgent patch-or-replace issue for any MES PC deployment that still contains the affected PHP/enchant component path.
- Vendor: Festo Didactic SE
- Product: MES PC
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-27
- Original CVE updated: 2026-01-27
- Advisory published: 2024-02-27
- Advisory updated: 2026-01-27
Who should care
Festo Didactic SE MES PC operators, OT/ICS administrators, and security teams responsible for the affected workstation image or any systems that still include the vulnerable PHP component set.
Technical summary
The vulnerability is a heap-based buffer overflow in enchant_broker_request_dict within ext/enchant/enchant.c in PHP. According to the source description, remote attackers can trigger creation of multiple dictionaries and potentially achieve arbitrary code execution. The advisory text supplied for Festo Didactic SE MES PC recommends moving to the current Factory Control Panel release, which is stated to include fixes for these vulnerabilities.
Defensive priority
Critical. The supplied CVSS vector rates the issue as network-reachable with no privileges or user interaction required, and the impact is code execution. If the affected PHP component is present in the MES PC environment, prioritize immediate remediation and exposure reduction.
Recommended defensive actions
- Confirm whether the MES PC deployment uses the affected PHP/enchant component chain or an outdated Factory Control Panel/XAMPP-based image.
- Obtain and deploy the current Factory Control Panel version from Festo technical support as instructed in the advisory.
- Verify that any affected PHP runtime is on a fixed release for its branch (5.4.38, 5.5.22, or 5.6.6 or later), or that the PHP/enchant component has been removed from the exposed system.
- Restrict network access to MES PC workstations and limit reachability from untrusted networks until remediation is complete.
- Monitor the affected host for unexpected crashes, abnormal process behavior, or other signs of memory corruption while patching is in progress.
- Apply CISA ICS defense-in-depth guidance and recommended practices to reduce exposure on OT assets.
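As an added illustration of the version check in the list above (example code written for this debrief, not part of the advisory or any Festo tooling): a small Python helper that reads the text of `php -v` and `php -m`, decides whether the build predates the fix on its branch, and checks whether the enchant extension is even loaded. The sample command outputs are constructed.

```python
"""Assess a PHP build against CVE-2014-9705 (enchant heap overflow).

Affected: PHP before 5.4.38, 5.5.x before 5.5.22, 5.6.x before 5.6.6,
and only when the enchant extension is actually built in / loaded.
Inputs are the captured text of `php -v` and `php -m`.
"""
import re

# First fixed release on each affected branch, per the CVE record.
FIXED = {(5, 4): (5, 4, 38), (5, 5): (5, 5, 22), (5, 6): (5, 6, 6)}


def parse_php_version(php_v_output: str) -> tuple:
    """Extract (major, minor, patch) from the first line of `php -v`."""
    m = re.search(r"^PHP (\d+)\.(\d+)\.(\d+)", php_v_output, re.M)
    if not m:
        raise ValueError("no PHP version line found in input")
    return tuple(int(x) for x in m.groups())


def version_affected(ver: tuple) -> bool:
    """True if this PHP version predates the fix on its branch."""
    branch = ver[:2]
    if branch in FIXED:
        return ver < FIXED[branch]
    # Branches older than 5.4 predate every fix; 5.7+/7.x are not affected.
    return ver < (5, 4, 38)


def enchant_loaded(php_m_output: str) -> bool:
    """True if `php -m` lists the enchant extension."""
    return any(line.strip().lower() == "enchant" for line in php_m_output.splitlines())


def assess(php_v_output: str, php_m_output: str) -> str:
    """Combine version and extension checks into a one-line verdict."""
    ver = parse_php_version(php_v_output)
    if not version_affected(ver):
        return "not affected: PHP %d.%d.%d is at or past the fixed release" % ver
    if not enchant_loaded(php_m_output):
        return "affected version %d.%d.%d, enchant not loaded; still patch" % ver
    return "VULNERABLE: PHP %d.%d.%d with enchant loaded" % ver


# Constructed sample outputs resembling an old XAMPP-style PHP build.
SAMPLE_PHP_V = "PHP 5.4.31 (cli) (built: Jul 23 2014 12:00:00)\nCopyright (c) 1997-2014 The PHP Group\n"
SAMPLE_PHP_M = "[PHP Modules]\nCore\nctype\ndate\nenchant\nmbstring\n\n[Zend Modules]\n"

if __name__ == "__main__":
    print(assess(SAMPLE_PHP_V, SAMPLE_PHP_M))
```

On a live MES PC host, feed the helper the real output of `php -v` and `php -m` from the Factory Control Panel's PHP binary rather than the constructed samples.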
Evidence notes
The source item description and the official CVE record both identify the same PHP heap-based buffer overflow and remote code execution risk. The CISA CSAF entry for Festo Didactic SE MES PC ties this CVE to the MES PC product context and states that Festo’s current Factory Control Panel release includes fixes. The supplied timeline shows the CVE/source record published on 2024-02-27 and later republished by CISA on 2026-01-27.
Official resources
- CVE-2014-9705 CVE record (CVE.org)
- CVE-2014-9705 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference
The supplied CISA CSAF source is a republication of the vendor advisory and should be read as a product-context mapping for MES PC rather than a standalone exploit bulletin. No KEV listing is provided in the supplied corpus.