PatchSiren cyber security CVE debrief

CVE-2022-23808 Festo Didactic SE CVE debrief

CVE-2022-23808 is a medium-severity web injection issue tied to phpMyAdmin 5.1 before 5.1.2 and republished by CISA in a Festo Didactic SE MES PC advisory. The reported impact is that an attacker can inject malicious code into parts of the setup script, which can lead to XSS or HTML injection. For affected MES PC deployments, the vendor remediation referenced in the advisory is to move to Festo's Factory Control Panel replacement and obtain the current version through Festo support.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: MEDIUM 6.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Organizations operating Festo Didactic SE MES PC systems, especially teams responsible for web administration, OT/ICS support, and any environment where phpMyAdmin or related setup components may still be present. Security teams should also care if users can access setup or admin interfaces from a browser.

Technical summary

The source advisory describes a vulnerability in phpMyAdmin 5.1 prior to 5.1.2 where malicious input can be injected into aspects of the setup script. Because the affected interaction is browser-based, the outcome can be cross-site scripting (XSS) or HTML injection. The CVSS vector indicates network reachability with required user interaction and scope change, with low confidentiality and integrity impact and no availability impact.

Defensive priority

Medium priority. Treat as prompt remediation for any exposed or still-installed vulnerable phpMyAdmin setup path, and as a higher-priority item if the affected MES PC environment is reachable by untrusted users or shared across multiple operators.

Recommended defensive actions

  • Confirm whether any MES PC deployment still includes phpMyAdmin 5.1 before 5.1.2 or a related vulnerable setup component.
  • Apply the vendor-referenced remediation by obtaining the current Factory Control Panel version from Festo technical support and replacing the older XAMPP-based setup path.
  • Restrict access to setup and administration interfaces to trusted users and management networks only.
  • Review browser-facing configuration for output encoding and input validation controls around setup pages.
  • Monitor for unexpected HTML or script injection indicators in setup-related pages and logs.
  • Use the official advisory and CVE record to validate remediation status across all affected sites.
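The first and fifth actions above can be scripted. The following added example (not part of the advisory or of Festo's or phpMyAdmin's own tooling) checks a discovered phpMyAdmin version against the affected range the advisory states, and scans constructed web-server access-log lines for HTML or script markers in requests to the setup script. The setup path, the log format and the marker list are assumptions to adjust per deployment.

```python
import re
from urllib.parse import unquote

# Affected range as stated in the advisory: phpMyAdmin 5.1 before 5.1.2.
AFFECTED_MIN = (5, 1, 0)
FIXED = (5, 1, 2)

# Assumed setup-script path; phpMyAdmin install prefixes vary, so adjust it.
SETUP_PATH = "/phpmyadmin/setup/"

# Heuristic markers for HTML/script injection in a decoded request target.
INJECTION_MARKERS = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe)\b|javascript:|\bon\w+\s*=", re.I)

# Combined-log-format request line (assumed; adapt to your server's format).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Mar/2024:10:01:02 +0000] "GET /phpmyadmin/setup/index.php?page=servers HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Mar/2024:10:01:09 +0000] "GET /phpmyadmin/setup/index.php?page=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 498',
    '10.0.0.9 - - [01/Mar/2024:10:01:15 +0000] "GET /index.php?q=%3Cscript%3E HTTP/1.1" 200 120',
]


def parse_version(version):
    """Turn '5.1' or '5.1.1' into a comparable three-part tuple."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    while len(parts) < 3:
        parts.append(0)  # '5.1' is treated as the start of the 5.1 series
    return tuple(parts)


def is_affected(version):
    """True when the version lies in 5.1.x below the 5.1.2 fix."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


def flag_setup_injection(log_lines, setup_path=SETUP_PATH):
    """Return requests to the setup path whose target carries injection markers."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        # Decode twice so double-encoded payloads are inspected as well.
        target = unquote(unquote(m.group("target")))
        if setup_path in target.lower() and INJECTION_MARKERS.search(target):
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"), "target": target})
    return hits
```

Requests outside the setup path are deliberately ignored here so the output stays focused on the advisory's attack surface; widen the path filter if other phpMyAdmin pages are also in scope.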

Evidence notes

The underlying vulnerability description comes from the CISA CSAF advisory for Festo Didactic SE MES PC and states that phpMyAdmin 5.1 before 5.1.2 can allow XSS or HTML injection through the setup script. The advisory also lists a vendor remediation dated 2023-05-26 that directs customers to Festo's Factory Control Panel replacement. The CVE publication date used here is the supplied CVE publishedAt value of 2024-02-27; the later CISA republication date is not treated as the original issue date.

Official resources

Publicly disclosed in the supplied CISA CSAF republication on 2024-02-27, with vendor remediation information in the advisory dated 2023-05-26. No KEV listing is indicated in the supplied data.