PatchSiren cyber security CVE debrief

CVE-2022-23807 Festo Didactic SE CVE debrief

CVE-2022-23807 is a medium-severity authentication weakness that the supplied CISA/Festo advisory context ties to Festo Didactic SE MES PC. The advisory describes a phpMyAdmin issue in which a valid, already authenticated user can modify their own account so that two-factor authentication is bypassed on subsequent logins. The source remediation points to a replacement Factory Control Panel that includes the fixes and replaces XAMPP on affected MES PCs.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: MEDIUM 4.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Administrators and operators responsible for Festo Didactic MES PC deployments, especially environments that run the affected phpMyAdmin versions or the bundled web administration components. Security teams should care most where account access and 2FA enforcement are relied on to protect operator and administrator functions.

Technical summary

The source description states that phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2 contain a flaw that lets an already authenticated user alter their own account so that future logins bypass two-factor authentication. The issue does not describe an unauthenticated compromise; it requires valid existing access and affects subsequent authentication behavior. The supplied advisory context maps this to Festo Didactic SE MES PC and recommends the vendor-provided Factory Control Panel replacement as the fixed path.

Defensive priority

Medium priority. Validate whether any MES PC deployment includes affected phpMyAdmin versions or the bundled component path, then remediate promptly because the issue weakens account assurance for future logins even though it requires prior authentication.

Recommended defensive actions

  • Confirm whether any Festo Didactic MES PC system uses phpMyAdmin 4.9 before 4.9.8 or 5.1 before 5.1.2.
  • Obtain and deploy the current Factory Control Panel replacement referenced by the vendor advisory, which is stated to include fixes.
  • Review account and 2FA settings on affected systems to ensure authentication policy is enforced after remediation.
  • Limit access to administrative web interfaces and monitor for unexpected changes to user authentication settings.
  • Track the vendor and CISA advisory references for any further revision history or remediation updates.
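The first action above is an inventory check against the two version ranges the advisory names. The following triage helper is an added example written for this debrief, not code from PatchSiren, Festo or the phpMyAdmin project; the hostnames and version strings in SAMPLE_INVENTORY are constructed, and versions outside the named 4.9 and 5.1 branches are reported as out of the stated range rather than as safe.

```python
import re

# Affected phpMyAdmin ranges as stated in the CVE-2022-23807 description:
# branch 4.9 before 4.9.8, and branch 5.1 before 5.1.2.
AFFECTED_RANGES = (((4, 9), (4, 9, 8)), ((5, 1), (5, 1, 2)))
# Matches MAJOR.MINOR[.PATCH]; trailing suffixes such as "-dev" or "deb1" are ignored.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text):
    """Return (major, minor, patch) for a phpMyAdmin version string, or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version_text):
    """True if the version lies in one of the advisory's stated vulnerable ranges."""
    v = parse_version(version_text)
    if v is None:
        return False  # unparseable input is reported as 'unknown' by triage(), not as safe
    return any(v[:2] == branch and v < fixed for branch, fixed in AFFECTED_RANGES)


def triage(inventory):
    """Map host -> 'affected', 'fixed' (named branch, at/after the fix),
    'out-of-range' (a branch the advisory does not name) or 'unknown' (unparseable)."""
    verdicts = {}
    for host, version_text in inventory.items():
        v = parse_version(version_text)
        if v is None:
            verdicts[host] = "unknown"
        elif is_affected(version_text):
            verdicts[host] = "affected"
        elif any(v[:2] == branch for branch, _ in AFFECTED_RANGES):
            verdicts[host] = "fixed"
        else:
            verdicts[host] = "out-of-range"
    return verdicts


# Constructed sample inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = {
    "mes-pc-01": "4.9.7", "mes-pc-02": "4.9.8", "mes-pc-03": "5.1.1-dev",
    "mes-pc-04": "5.1.2", "mes-pc-05": "5.0.4", "mes-pc-06": "n/a",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {verdict}")
```

Hosts reported as 'unknown' or 'out-of-range' still need a manual check against the vendor advisory before being closed out.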

Evidence notes

All substantive claims come from the supplied CISA CSAF source item and its linked references. The source description states the phpMyAdmin version ranges and the two-factor bypass condition. The advisory metadata identifies Festo Didactic SE MES PC, and the remediation notes state that Factory Control Panel replaces XAMPP on MES PCs and includes fixes. Publication timing follows the supplied CVE/source publishedAt value of 2024-02-27; the later 2026-01-27 modifiedAt reflects advisory republication history, not initial issue date.

Official resources

Publicly disclosed in the supplied source on 2024-02-27. The source metadata shows a later 2026-01-27 republication/modification history, which should not be treated as the original disclosure date.