PatchSiren cyber security CVE debrief

CVE-2022-27379 Festo Didactic SE CVE debrief

CVE-2022-27379 is a denial-of-service vulnerability affecting the MariaDB Server component Arg_comparator::compare_real_fixed, described in the CISA CSAF advisory for Festo Didactic SE MES PC. The source metadata says specially crafted SQL statements can trigger the issue in MariaDB Server v10.6.2 and below. Because the CVSS vector indicates network exploitability, no required privileges, and high availability impact, exposed systems should be treated as operationally important even though confidentiality and integrity are not affected.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Organizations running Festo Didactic MES PC systems that include the affected MariaDB/XAMPP stack should care first, especially if the SQL service is reachable across a network. OT/industrial environments, lab systems, and any administrators responsible for MES availability should prioritize review because this is an outage-style issue rather than a data-exposure issue.

Technical summary

The supplied source corpus ties CVE-2022-27379 to MariaDB Server v10.6.2 and below, specifically the Arg_comparator::compare_real_fixed component. The issue can be triggered through specially crafted SQL statements and is scored CVSS 3.1 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating a remotely reachable availability impact with no privileges or user interaction required. The advisory also records a vendor remediation path for Festo Didactic MES PCs via Factory Control Panel as a replacement for XAMPP, which is stated to include fixes for these vulnerabilities.

Defensive priority

High for any exposed or operationally critical MES PC deployment; medium if the affected service is fully isolated and tightly controlled. Treat as urgent if SQL access is network reachable or if an outage would disrupt training or production workflows.

Recommended defensive actions

  • Identify whether your MES PC installation uses the vulnerable MariaDB/XAMPP stack referenced by the advisory.
  • Apply the vendor-provided replacement path: obtain the current Factory Control Panel release from Festo technical support as directed in the remediation entry.
  • Reduce network exposure to the SQL service and restrict access to trusted management networks only.
  • Monitor for service instability or unexpected restarts affecting the MariaDB component.
  • If you maintain an asset inventory, map MES PC instances to the specific software stack so you can verify remediation status quickly.
  • Use standard ICS defensive practices such as segmentation, least exposure, and backup/restore validation for availability-sensitive systems.
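The inventory and remediation-status steps above can be scripted. The following is an added example, not code from the advisory or from Festo; it parses MariaDB version banners (as returned by `SELECT VERSION()` or printed by the client binary), compares them against the v10.6.2 boundary stated in this debrief, and ranks each host using the priority rules from the "Defensive priority" section. The host inventory is constructed sample data, and the field names are assumptions.

```python
import re
from typing import Optional, Tuple

# Upper bound given in the advisory metadata: MariaDB Server v10.6.2 and below.
AFFECTED_MAX = (10, 6, 2)

# Matches the numeric MariaDB version in banners such as "10.6.2-MariaDB",
# "10.5.15-MariaDB-0+deb11u1" or "mariadb Ver 15.1 Distrib 10.4.28-MariaDB".
# A MySQL banner has no "-MariaDB" suffix and therefore does not match.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?-MariaDB", re.IGNORECASE)


def parse_mariadb_version(banner: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from a MariaDB banner, or None if it is not MariaDB."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_in_advisory_range(banner: str) -> Optional[bool]:
    """True if the banner is MariaDB <= 10.6.2; None when the banner is not MariaDB."""
    version = parse_mariadb_version(banner)
    return None if version is None else version <= AFFECTED_MAX


def triage_host(banner: str, sql_network_reachable: bool, outage_disrupts_ops: bool) -> str:
    """Apply the debrief's priority rules to one host."""
    affected = is_in_advisory_range(banner)
    if affected is None:
        return "not applicable"      # not a MariaDB service
    if not affected:
        return "outside stated range"  # above v10.6.2 per the advisory metadata
    if sql_network_reachable or outage_disrupts_ops:
        return "urgent"              # reachable SQL service or outage-sensitive workflow
    return "medium"                  # affected but fully isolated and controlled


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = [
    ("mes-pc-01", "10.6.2-MariaDB", True, True),
    ("mes-pc-02", "10.4.28-MariaDB-log", False, False),
    ("mes-pc-03", "10.11.4-MariaDB-1:10.11.4+maria~ubu2204", True, True),
    ("hist-db-01", "8.0.36 MySQL Community Server - GPL", True, False),
]


def triage_inventory(rows=SAMPLE_INVENTORY) -> dict:
    """Map host name -> priority for a list of (host, banner, reachable, disrupts) rows."""
    return {host: triage_host(banner, reach, ops) for host, banner, reach, ops in rows}
```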

Evidence notes

All substantive claims here come from the supplied CISA CSAF source item and its metadata: the vulnerable component name, the MariaDB version boundary, the DoS impact, the CVSS vector, the Festo MES PC remediation entry, and the advisory publication timeline. The linked official resources include the CVE record, NVD detail page, the raw CSAF advisory, the vendor advisory, the CISA advisory page, and CISA ICS recommended-practices material. The corpus does not include rendered page bodies, so statements are limited to the provided advisory metadata.

Official resources

CISA’s CSAF metadata shows the advisory was initially published on 2024-02-27, with later revisions recorded in the source history. Use the 2024-02-27 publication date for disclosure timing context.