PatchSiren cyber security CVE debrief
CVE-2022-27445 Festo Didactic SE CVE debrief
CVE-2022-27445 is a high-severity denial-of-service issue with a CVSS 3.1 score of 7.5. The source advisory ties the CVE to Festo Didactic SE MES PC, while the CVE description says MariaDB Server v10.9 and below can hit a segmentation fault in sql/sql_window.cc. The main operational concern is loss of availability: affected systems may crash or become unavailable if exposed to the vulnerable condition.
- Vendor: Festo Didactic SE
- Product: MES PC
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-27
- Original CVE updated: 2026-01-27
- Advisory published: 2024-02-27
- Advisory updated: 2026-01-27
Who should care
OT and industrial control system teams using Festo Didactic SE MES PC, especially administrators responsible for patching, replacement planning, uptime, and crash monitoring. Security teams should also review whether any deployed software stack includes the vulnerable MariaDB component referenced by the CVE description.
Technical summary
The source corpus associates CVE-2022-27445 with a MariaDB segmentation fault in sql/sql_window.cc and provides a CVSS vector of AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a remotely reachable availability impact. In the CSAF advisory, the affected product is Festo Didactic SE MES PC, and the listed vendor remediation is to replace XAMPP with Factory Control Panel obtained from Festo technical support. The advisory materials do not provide exploit details; the impact described is service interruption through crashing or segmentation fault behavior.
Defensive priority
High for exposed MES PC deployments. The issue is not listed as a KEV entry, but the availability impact is severe and the advisory includes a vendor replacement path, so affected environments should treat remediation as a near-term priority.
Recommended defensive actions
- Inventory Festo Didactic SE MES PC deployments and confirm whether they match the advisory scope.
- Obtain the current Factory Control Panel from Festo technical support and plan replacement of XAMPP as directed by the vendor remediation.
- Validate whether any installed MariaDB component matches the vulnerable versions described in the CVE record.
- Monitor affected systems for crashes, segmentation faults, or unexpected service interruptions.
- Apply ICS defense-in-depth and hardening guidance from CISA recommended practices while remediation is underway.
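Two of the actions above, checking installed MariaDB versions against the "v10.9 and below" range and watching error logs for segmentation faults, can be scripted. The example below is added here and is not code from the advisory or from Festo; the version strings and log lines are constructed samples, and the crash markers assumed are the server's own "got signal 11" banner and the sql/sql_window.cc file named in the CVE description.

```python
import re

# Range stated in the CVE description quoted by the debrief: 10.9 and below.
# It is given at major.minor granularity, so point-release fixes are not modelled.
LAST_VULNERABLE = (10, 9)

# Markers assumed for a MariaDB crash: the server's own signal-11 banner and
# the source file named in the CVE description appearing in a stack trace.
CRASH_PATTERNS = (
    re.compile(r"got signal 11"),
    re.compile(r"sql_window\.cc"),
)


def parse_mariadb_version(version_string):
    """Return (major, minor, patch) from a VERSION() string such as
    '10.6.12-MariaDB-1:10.6.12+maria~ubu2204'; None if no version is present."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", version_string.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_in_cve_range(version_string):
    """True when major.minor is 10.9 or below. Compares as integers, since a
    plain string comparison would wrongly rank '10.10' below '10.9'."""
    v = parse_mariadb_version(version_string)
    if v is None:
        return None
    return v[:2] <= LAST_VULNERABLE


def find_crash_lines(log_lines):
    """Return the log lines that match any crash marker."""
    return [ln for ln in log_lines if any(p.search(ln) for p in CRASH_PATTERNS)]


# Constructed sample data, not output captured from a real MES PC system.
SAMPLE_VERSIONS = ["10.6.12-MariaDB", "10.9.3-MariaDB-log", "10.11.2-MariaDB", "v10.10.0"]
SAMPLE_LOG = [
    "2024-02-27 10:00:01 0 [Note] Server socket created on IP: '0.0.0.0'.",
    "2024-02-27 10:05:42 0 [ERROR] mysqld got signal 11 ;",
    "sql/sql_window.cc:1234(constructed stack frame)",
    "2024-02-27 10:05:50 0 [Note] Starting MariaDB 10.6.12-MariaDB",
]

if __name__ == "__main__":
    for ver in SAMPLE_VERSIONS:
        print(f"{ver}: in CVE range = {is_in_cve_range(ver)}")
    for line in find_crash_lines(SAMPLE_LOG):
        print("crash marker:", line)
```

On a live host the version string comes from `SELECT VERSION()` and the log lines from the MariaDB error log; a match on the crash markers is a signal to correlate with the service interruptions the advisory describes.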
Evidence notes
This debrief is based only on the supplied CISA CSAF source item, its embedded revision history, and the official references listed in the corpus. The source item was initially published on 2024-02-27 and republished by CISA on 2026-01-27. The corpus does not mark the CVE as a KEV item and does not provide evidence of ransomware use. The advisory references include the CVE record, NVD, Festo PSIRT, CERT@VDE, and CISA advisory pages.
Official resources
- CVE-2022-27445 CVE record (CVE.org)
- CVE-2022-27445 NVD detail (NVD)
- Source item URL (cisa_csaf)
The source advisory was initially published on 2024-02-27 and later republished by CISA on 2026-01-27. The corpus contains no KEV designation and no known ransomware campaign attribution.