PatchSiren cyber security CVE debrief

CVE-2014-9709 Festo Didactic SE CVE debrief

CVE-2014-9709 is a critical remote denial-of-service issue in GIF parsing code used by GD and PHP. In the supplied CISA CSAF advisory for Festo Didactic SE MES PC, a crafted GIF can be mishandled by gdImageCreateFromGif, leading to a buffer over-read and application crash. The vendor remediation points to Factory Control Panel as the replacement for XAMPP on MES PCs, indicating that the affected deployment context is the bundled web/application stack rather than the MES PC hardware itself.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: 9.1 (Critical)
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Festo Didactic SE MES PC operators, OT and ICS administrators, and anyone responsible for the XAMPP/PHP/GD software stack on those systems should treat this as high priority. Systems that are reachable from untrusted networks or that process externally supplied images are the most important to review first.

Technical summary

The source corpus describes CVE-2014-9709 as a flaw in GetCode_ within gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5. A crafted GIF image processed through gdImageCreateFromGif can trigger a buffer over-read and crash the calling application. The supplied advisory maps this issue to Festo Didactic SE MES PC and assigns a CVSS v3.0 score of 9.1 with vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H.

Defensive priority

High. The issue is network-reachable, requires no authentication or user interaction, and has a vendor-provided replacement path. Prioritize exposed or operationally important MES PC instances.

Recommended defensive actions

  • Inventory MES PC deployments and identify any systems still using the affected XAMPP/PHP/GD stack.
  • Obtain the current Factory Control Panel release from Festo technical support at [email protected] and apply the vendor-recommended replacement.
  • Plan maintenance for any required restart or service interruption, since the remediation notes that the vulnerable component must be restarted.
  • Restrict network access to MES PC services that accept or process image content until the replacement is in place.
  • Review logs and crash reports for abnormal GIF handling or unexpected application failures on affected systems.
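The inventory step above can be scripted against the version ranges the technical summary gives (PHP before 5.5.21, 5.6.x before 5.6.5, GD 2.1.1 and earlier). The following Python is an added example, not tooling from the advisory or from Festo; the host inventory rows are constructed, and the GD version strings assume the format PHP's gd_info() reports, such as "bundled (2.1.0 compatible)".

```python
import re
from typing import Dict, List, Tuple

def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract the first major.minor[.patch] number from a version string."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(g) for g in m.groups(default="0"))  # type: ignore[return-value]

def php_affected(php_version: str) -> bool:
    """PHP before 5.5.21, or 5.6.x before 5.6.5, ships the flawed GD code."""
    v = parse_version(php_version)
    if v[:2] == (5, 6):
        return v < (5, 6, 5)
    return v < (5, 5, 21)

def gd_affected(gd_version: str) -> bool:
    """Standalone or bundled GD 2.1.1 and earlier is affected."""
    return parse_version(gd_version) <= (2, 1, 1)

def flag_hosts(inventory: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return the inventory rows that still run an affected PHP/GD stack.

    A host is flagged when either the PHP build or the GD library it uses
    falls in an affected range, so a patched PHP linked against old GD
    is still reported for review.
    """
    flagged = []
    for row in inventory:
        reasons = []
        if php_affected(row["php"]):
            reasons.append(f"PHP {row['php']} in affected range")
        if gd_affected(row["gd"]):
            reasons.append(f"GD {row['gd']} is 2.1.1 or earlier")
        if reasons:
            flagged.append({**row, "reason": "; ".join(reasons)})
    return flagged

# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = [
    {"host": "mes-pc-01", "php": "5.6.4", "gd": "bundled (2.1.0 compatible)"},
    {"host": "mes-pc-02", "php": "5.6.40", "gd": "2.2.5"},
    {"host": "mes-pc-03", "php": "7.4.33", "gd": "2.1.1"},
]

if __name__ == "__main__":
    for row in flag_hosts(SAMPLE_INVENTORY):
        print(f"{row['host']}: {row['reason']}")
```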

Evidence notes

The supplied source is CISA CSAF advisory ICSA-26-027-02, republishing the Festo advisory for MES PC and explicitly linking CVE-2014-9709 to the product. The remediation text states that Factory Control Panel replaces XAMPP on MES PCs and includes fixes for these vulnerabilities. Official record links are present for CVE.org and NVD, and the source references include the vendor CSAF, CISA advisory page, and Festo PSIRT page. The timeline fields supplied here place the CVE publication context at 2024-02-27 and the CISA republication at 2026-01-27; no KEV entry is listed in the supplied data.

Official resources

CISA's supplied CSAF republication for Festo Didactic SE MES PC lists CVE-2014-9709 with initial publication dated 2024-02-27 and a later CISA republication on 2026-01-27. No Known Exploited Vulnerabilities listing is included in the source.