PatchSiren cyber security CVE debrief
CVE-2019-11047 Festo Didactic SE CVE debrief
CVE-2019-11047 is a PHP EXIF parsing flaw: crafted image metadata handed to the EXIF extension (for example via exif_read_data()) makes it read past the end of the allocated buffer. The Festo Didactic SE advisory for MES PC, republished by CISA as a CSAF item, maps this issue to MES PC deployments and gives one fix path: replace XAMPP with Factory Control Panel on affected MES PCs. The practical risk is disclosure of adjacent process memory or a crash of the PHP process, with no indication in the supplied corpus of active exploitation or KEV listing.
- Vendor: Festo Didactic SE
- Product: MES PC
- CVSS: 6.5 (Medium)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-27
- Original CVE updated: 2026-01-27
- Advisory published: 2024-02-27
- Advisory updated: 2026-01-27
Who should care
Administrators and operators responsible for Festo Didactic SE MES PC deployments, especially environments that still rely on bundled PHP components such as EXIF parsing or legacy XAMPP-based setups.
Technical summary
The CVE description states that the PHP EXIF extension, including the exif_read_data() entry point, can be fed data that makes it read past the allocated buffer in PHP 7.2.x below 7.2.26, 7.3.x below 7.3.13, and 7.4.0; the first fixed releases are therefore 7.2.26, 7.3.13 and 7.4.1. Any application code path that passes untrusted image bytes to the EXIF functions (an upload handler is the typical case) reaches the flaw, which is why the vector carries no privilege or user-interaction requirement. The supplied advisory associates the issue with Festo Didactic SE MES PC and gives a vendor fix path: Factory Control Panel as the replacement for XAMPP on MES PCs. The supplied CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L (6.5, Medium).
Defensive priority
Medium. Prioritize if the MES PC installation still includes the affected PHP EXIF component or a legacy XAMPP-based configuration; otherwise confirm the replacement path has been deployed and the vulnerable component is absent.
Recommended defensive actions
- Confirm whether any MES PC systems still run an affected PHP build (7.2.x below 7.2.26, 7.3.x below 7.3.13, or 7.4.0) with the exif extension loaded; the PHP binary bundled with XAMPP is the one to inspect.
- Upgrade to or deploy the Factory Control Panel replacement referenced in the advisory.
- Treat the issue as a confidentiality and availability concern: an out-of-bounds read can leak adjacent process memory into the parsed result or crash the PHP worker.
- Verify remediation across all MES PC instances, not just the primary server or workstation.
- Use the CISA/Festo advisory references to validate product-specific remediation status and support contacts.
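A worked version check for the first action above, covering the affected ranges from the technical summary. This is an added example for this debrief, not Festo, CISA or XAMPP tooling: it encodes the version bounds from the CVE description, classifies a host from the text that `php -v` and `php -m` print, and can optionally run those commands itself. The sample command output is constructed for illustration, and the `php` binary path is an assumption (on a XAMPP install it is typically under the XAMPP directory, so pass the full path).

```python
"""Affected-version check for CVE-2019-11047 (PHP EXIF buffer over-read).

Added example for this debrief, not vendor tooling. It encodes the ranges
from the CVE description (7.2.x < 7.2.26, 7.3.x < 7.3.13, 7.4.0) and
evaluates the output of `php -v` and `php -m` on a host.
"""
import re
import subprocess
from typing import Optional, Tuple

# First fixed release per branch, derived from the CVE description's
# "below" bounds; 7.4.0 is the only affected 7.4 release, so 7.4.1 fixes it.
FIXED = {(7, 2): (7, 2, 26), (7, 3): (7, 3, 13), (7, 4): (7, 4, 1)}

VERSION_RE = re.compile(r"^PHP (\d+)\.(\d+)\.(\d+)", re.MULTILINE)


def parse_php_version(php_v_output: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from `php -v` output; None if not found."""
    m = VERSION_RE.search(php_v_output)
    return tuple(int(x) for x in m.groups()) if m else None


def version_affected(version: Tuple[int, int, int]) -> bool:
    """True if the version lies inside a CVE-2019-11047 affected range.

    Branches other than 7.2-7.4 (7.1 and older, 8.x) are reported as not
    affected by this CVE; 7.1 and older are end-of-life and need their own
    decision, which this check deliberately does not make.
    """
    fixed = FIXED.get(version[:2])
    return fixed is not None and version < fixed


def exif_loaded(php_m_output: str) -> bool:
    """True if `php -m` lists the exif extension (the code that contains the bug)."""
    return any(line.strip().lower() == "exif" for line in php_m_output.splitlines())


def assess(php_v_output: str, php_m_output: str) -> str:
    """Classify a host as vulnerable, exif-disabled, not-affected or unknown."""
    version = parse_php_version(php_v_output)
    if version is None:
        return "unknown"
    if not version_affected(version):
        return "not-affected"
    # Affected build: the over-read is only reachable if ext/exif is loaded.
    return "vulnerable" if exif_loaded(php_m_output) else "exif-disabled"


def assess_local_php(php_binary: str = "php") -> str:
    """Run the real commands on this host (assumes a PHP CLI at php_binary)."""
    v = subprocess.run([php_binary, "-v"], capture_output=True, text=True).stdout
    m = subprocess.run([php_binary, "-m"], capture_output=True, text=True).stdout
    return assess(v, m)


# Constructed sample output, shaped like a Windows PHP 7.3 CLI build (not
# captured from a real MES PC).
SAMPLE_PHP_V = (
    "PHP 7.3.12 (cli) (built: Nov 20 2019 10:20:15) ( ZTS MSVC15 (Visual C++ 2017) x64 )\n"
    "Copyright (c) 1997-2018 The PHP Group\n"
)
SAMPLE_PHP_M = "[PHP Modules]\nbcmath\nCore\nctype\ncurl\ndate\nexif\ngd\nmbstring\n"

if __name__ == "__main__":
    print(assess(SAMPLE_PHP_V, SAMPLE_PHP_M))  # vulnerable
```

The check treats "affected build but no exif module" as a separate state rather than "safe", because on XAMPP the extension can be re-enabled by editing php.ini; the only durable fix is the version upgrade or the Factory Control Panel replacement.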
Evidence notes
The source corpus is a CISA republication of the Festo advisory for Festo Didactic SE MES PC. The CVE description explicitly states the PHP EXIF buffer over-read condition and affected PHP versions. The remediation text states that Factory Control Panel replaces XAMPP on MES PCs and includes fixes. Timing context from the supplied fields: the source advisory was initially published on 2024-02-27 and republished on 2026-01-27; this should not be treated as the original issue date. No KEV entry or active ransomware use is indicated in the supplied data.
Official resources
- CVE-2019-11047 CVE record (CVE.org)
- CVE-2019-11047 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source references: seven further references from the CSAF item; link targets are not captured in this extract
Publicly disclosed vulnerability; the supplied corpus does not indicate KEV inclusion or known ransomware campaign use.