PatchSiren cyber security CVE debrief
CVE-2021-46665 Festo Didactic SE CVE debrief
CVE-2021-46665 is a denial-of-service issue tied in the advisory corpus to Festo Didactic SE MES PC systems that use a MariaDB component. The CVE description says MariaDB through 10.5.9 can crash in sql_parse.cc because of incorrect used_tables expectations. The supplied CVSS vector is local, low-privilege, and availability-focused, so the main concern is service disruption on affected MES PC hosts rather than data compromise.
- Vendor: Festo Didactic SE
- Product: MES PC
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-27
- Original CVE updated: 2026-01-27
- Advisory published: 2024-02-27
- Advisory updated: 2026-01-27
Who should care
OT/ICS operators, plant engineers, and system administrators responsible for Festo Didactic SE MES PC deployments should care most, especially where local user access to the host is shared or not tightly controlled. Security teams supporting industrial workstation images that include MariaDB/XAMPP-related components should also review exposure.
Technical summary
The advisory text links CVE-2021-46665 to a MariaDB application crash caused by incorrect used_tables expectations in sql_parse.cc, with MariaDB through 10.5.9 identified in the description. The supplied CVSS 3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a local attack path with high availability impact and no indicated confidentiality or integrity impact. The CISA CSAF source maps the issue to Festo Didactic SE MES PC and points to a replacement Factory Control Panel as the vendor remediation path.
Defensive priority
Medium. The vulnerability needs local access and low privileges, but it can still interrupt MES PC availability in an industrial setting. Prioritize it where the MES PC is operationally critical, shared by multiple users, or difficult to recover quickly after a crash.
Recommended defensive actions
- Verify whether any Festo Didactic SE MES PC systems in your environment use the MariaDB/XAMPP-related component set referenced in the advisory.
- Obtain and deploy the current Factory Control Panel version through Festo technical support, as cited in the remediation entry.
- Restrict local and administrative access to affected hosts to reduce the chance of low-privilege misuse.
- Test restart and recovery procedures for MES PC services so a crash does not create an extended outage.
- Monitor affected systems for MariaDB or application crashes and preserve logs for incident triage.
- Track the vendor and CISA advisory references for further guidance or updated replacement instructions before the next maintenance window.
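As an added, defender-side example that is not part of this debrief or of any Festo or MariaDB code, the following Python helper covers the first and fifth actions above: it classifies a reported MariaDB version against the 10.5.9 threshold from the CVE text and flags crash reports in a MariaDB error log for preservation. The log lines are constructed samples; the crash marker is the "got signal"/"got exception" line MariaDB writes at the top of its crash report.

```python
import re

# "MariaDB through 10.5.9" per the CVE description: 10.5.9 and older are in scope.
AFFECTED_THROUGH = (10, 5, 9)

# MariaDB opens a crash report with a line such as "[ERROR] mysqld got signal 11 ;"
# (Linux) or "mysqld.exe got exception 0xc0000005 ;" (Windows); 10.5+ may say mariadbd.
CRASH_MARKER = re.compile(r"(?:mysqld|mariadbd)(?:\.exe)? got (?:signal|exception)\b", re.I)


def parse_mariadb_version(version_string):
    """Return (major, minor, patch) from SELECT VERSION() or 'mysqld --version'
    output, e.g. '10.5.9-MariaDB' or 'mysqld  Ver 10.4.17-MariaDB for Win64 ...'.
    Raises ValueError when the string is not a MariaDB version."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)-MariaDB", version_string)
    if not m:
        raise ValueError(f"not a MariaDB version string: {version_string!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version_string):
    """True when the reported MariaDB version is 10.5.9 or older."""
    return parse_mariadb_version(version_string) <= AFFECTED_THROUGH


def find_crash_events(log_lines):
    """Return (line_number, line) pairs for error-log lines that start a crash
    report, so the surrounding log can be preserved for incident triage."""
    return [(n, line.rstrip()) for n, line in enumerate(log_lines, start=1)
            if CRASH_MARKER.search(line)]


def triage(version_string, log_lines):
    """Combine both checks into one per-host report."""
    return {
        "version": ".".join(map(str, parse_mariadb_version(version_string))),
        "affected": is_affected(version_string),
        "crash_events": find_crash_events(log_lines),
    }


SAMPLE_LOG = [  # constructed sample, modeled on MariaDB error-log lines from an XAMPP install
    "2024-03-01 08:00:01 0 [Note] C:\\xampp\\mysql\\bin\\mysqld.exe: ready for connections.",
    "2024-03-01 09:12:44 0 [Note] InnoDB: Buffer pool(s) load completed",
    "240301  9:13:02 [ERROR] mysqld got signal 11 ;",
    "This could be because you hit a bug. It is also possible that this binary",
    "2024-03-01 09:13:40 0 [Note] C:\\xampp\\mysql\\bin\\mysqld.exe: ready for connections.",
]

if __name__ == "__main__":
    print(triage("10.4.17-MariaDB", SAMPLE_LOG))
```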
Evidence notes
Source evidence in the supplied corpus ties CVE-2021-46665 to Festo Didactic SE MES PC and states: “MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.” The provided CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, supporting a local denial-of-service interpretation. The remediation entry names Factory Control Panel as the replacement for XAMPP on MES PCs and instructs customers to contact Festo technical support for the current version. No exploit code or remote exploitation details are present in the supplied sources.
Official resources
- CVE-2021-46665 CVE record (CVE.org)
- CVE-2021-46665 NVD detail (NVD)
- Source item URL (cisa_csaf)
Use the CVE publication date of 2024-02-27 as the disclosure reference in this corpus. The CISA CSAF item later republishes the Festo advisory and includes subsequent revisions, but those later modification dates are not the CVE issue date.