PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-21595 Festo Didactic SE CVE debrief

CVE-2022-21595 is a Medium-severity Oracle MySQL Server vulnerability in the C API component that can lead to a hang or repeatable crash, resulting in denial of service. The source advisory ties it to Festo Didactic SE MES PC and says the replacement Factory Control Panel includes fixes. Exploitation is described as difficult and requires a high-privilege attacker with network access via multiple protocols.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: MEDIUM 4.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Administrators and support teams responsible for Festo Didactic SE MES PC deployments, especially environments that still include the affected Oracle MySQL component or expose related network services. OT/ICS defenders should also care where a service crash could interrupt production or training workflows.

Technical summary

The source describes CVE-2022-21595 as a vulnerability in Oracle MySQL Server, component C API, affecting MySQL 5.7.36 and prior and 8.0.27 and prior. The published CVSS vector is CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H, which aligns with a network-reachable denial-of-service impact requiring high privileges and no user interaction. Successful exploitation can cause a hang or frequently repeatable crash of MySQL Server. The Festo advisory indicates the affected MES PC deployment should move to Factory Control Panel, which includes fixes.

Defensive priority

Moderate. The issue is not easy to exploit and requires high privileges, but it can still take down a server component that may be operationally important. Prioritize remediation where MES PC systems are reachable by privileged users, shared across teams, or used in time-sensitive OT environments.

Recommended defensive actions

  • Confirm whether any MES PC installation still includes the affected Oracle MySQL component, and check whether its version is 5.7.36 or earlier, or 8.0.27 or earlier.
  • Obtain the current Factory Control Panel version from Festo support, as the source remediation states it includes fixes for these vulnerabilities.
  • Restrict access to MySQL-related services to only the necessary high-privilege accounts and trusted network paths.
  • Monitor MES PC and database service health for hangs, repeatable crashes, or unexpected restarts, and alert on repeated failures.
  • Track the official Festo and CISA advisories for any additional guidance or updated remediation notes.
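The version check in the first action, as an added example that is not part of the original debrief or of any Festo tooling: it parses the string returned by MySQL's SELECT VERSION() (distribution suffixes included) and labels it against the advisory's "5.7.36 and prior" and "8.0.27 and prior" ranges. It assumes "and prior" covers every release up to and including that number, treats MariaDB builds as out of scope for this Oracle MySQL CVE, and uses a constructed host inventory.

```python
import re
from typing import Dict, List, Optional, Tuple

# Ceilings quoted from the advisory: 5.7.36 and prior, 8.0.27 and prior.
# Assumption (not on the page): "and prior" means every release up to and
# including that number, so a 5.6.x build is counted as affected too.
CEILING_5X = (5, 7, 36)
CEILING_80 = (8, 0, 27)

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_mysql_version(version_string: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from SELECT VERSION() output, or None.

    Distribution builds append suffixes such as '-0ubuntu0.18.04.1' or '-log';
    only the leading numeric triple is used for comparison.
    """
    if "mariadb" in version_string.lower():
        return None  # MariaDB is a different code base; this CVE is Oracle MySQL
    m = _VERSION_RE.match(version_string)
    return tuple(int(x) for x in m.groups()) if m else None  # type: ignore


def is_affected(version_string: str) -> Optional[bool]:
    """True if inside the advisory's ranges, False if newer, None if unparseable."""
    v = parse_mysql_version(version_string)
    if v is None:
        return None
    major, minor, _patch = v
    if major < 8:
        return v <= CEILING_5X          # 5.7.36 and prior (5.7.37+ is clear)
    if (major, minor) == (8, 0):
        return v <= CEILING_80          # 8.0.27 and prior (8.0.28+ is clear)
    return False                        # 8.1+ lines postdate 8.0.27


def triage(inventory: List[Tuple[str, str]]) -> Dict[str, str]:
    """Label each (host, version) pair so unknowns are surfaced, not dropped."""
    labels = {True: "affected", False: "not affected", None: "unknown"}
    return {host: labels[is_affected(ver)] for host, ver in inventory}


# Constructed sample inventory; host names and versions are illustrative only.
SAMPLE_INVENTORY = [
    ("mes-pc-01", "5.7.36-0ubuntu0.18.04.1"),
    ("mes-pc-02", "8.0.28"),
    ("mes-pc-03", "10.4.28-MariaDB"),
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```

A version string alone is a first pass: a build that a distributor has patched without changing the number still reads as affected, and the advisory's remediation is the Factory Control Panel replacement rather than an in-place MySQL update.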

Evidence notes

The CISA CSAF source item states the vulnerability is in Oracle MySQL Server (C API), affects versions 5.7.36 and prior and 8.0.27 and prior, and can cause a hang or repeatable crash under a high-privilege network attack. The remediation field says Festo Didactic has released Factory Control Panel as a replacement for XAMPP on MES PCs and that the current version includes fixes. The source metadata shows CVE publication on 2024-02-27 and CISA republication on 2026-01-27; those dates are used only as disclosure context.

Official resources

The CVE was published on 2024-02-27. The CISA source was republished on 2026-01-27 from the Festo advisory lineage. The source remediation field also lists a vendor fix release date of 2023-05-26 for Factory Control Panel.