PatchSiren cyber security CVE debrief
CVE-2022-27449 Festo Didactic SE CVE debrief
CISA’s CSAF advisory ICSA-26-027-02 ties CVE-2022-27449 to Festo Didactic SE MES PC and describes a segmentation fault in MariaDB Server v10.9 and below. The impact is availability-only (CVSS 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), so defenders should treat it as a network-reachable denial-of-service risk rather than a code-execution issue. Festo’s stated remediation is to move MES PCs to the current Factory Control Panel version obtained through technical support.
- Vendor: Festo Didactic SE
- Product: MES PC
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-27
- Original CVE updated: 2026-01-27
- Advisory published: 2024-02-27
- Advisory updated: 2026-01-27
Who should care
Festo Didactic SE MES PC operators, OT/ICS administrators, and anyone managing the affected MES PC software stack that includes MariaDB/XAMPP components.
Technical summary
The supplied corpus describes a segmentation fault in MariaDB Server v10.9 and below at sql/item_func.cc:148, with a resulting denial-of-service condition. The cited CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, and the source links include CWE-617 as the relevant weakness reference. No confidentiality or integrity impact is indicated in the corpus.
Defensive priority
High
Recommended defensive actions
- Obtain and deploy the current Factory Control Panel version from Festo technical support, as stated in the remediation guidance.
- Inventory MES PCs and confirm whether they are running the affected software stack or legacy XAMPP-based components.
- Schedule upgrades during maintenance windows and verify service stability after the vulnerable component is replaced.
- If immediate remediation is not possible, reduce exposure by limiting network access to MES PCs and applying CISA ICS defense-in-depth guidance.
- Monitor affected systems for MariaDB-related crashes, unexpected service restarts, or repeated availability issues.
- Document the asset versions and remediation status so affected MES PCs can be prioritized and validated consistently.
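Added example for the monitoring step above, not code from the advisory or from Festo: a small Python checker run over constructed MariaDB error-log lines that flags crash markers, measures time to recovery, and reports whether crashes cluster in a short window. The "mysqld got signal 11" banner is MariaDB's own crash marker; the Windows-style "got exception 0x..." variant, the log line layout, and the 10-minute/3-crash threshold are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of MariaDB error-log lines (not taken from a real MES PC).
SAMPLE_LOG = """\
2024-03-01 08:00:01 0 [Note] /usr/sbin/mariadbd: ready for connections.
2024-03-01 08:12:44 0 [ERROR] mysqld got signal 11 ;
2024-03-01 08:12:44 0 [ERROR] Server version: 10.9.3-MariaDB
2024-03-01 08:12:50 0 [Note] /usr/sbin/mariadbd: ready for connections.
2024-03-01 08:15:02 0 [ERROR] mysqld got signal 11 ;
2024-03-01 08:15:09 0 [Note] /usr/sbin/mariadbd: ready for connections.
2024-03-01 08:17:31 0 [ERROR] mysqld got signal 11 ;
2024-03-01 08:17:38 0 [Note] /usr/sbin/mariadbd: ready for connections.
"""

# Assumed layout: "<date> <time> <thread> [<level>] <message>".
LINE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \d+ \[(\w+)\] (.*)$")
# "signal 11" is the Linux SIGSEGV banner; the exception form is the assumed Windows variant.
CRASH_RE = re.compile(r"mysqld got (signal 11|exception 0x[0-9A-Fa-f]+)")


def parse_events(text):
    """Return (timestamp, kind) tuples; kind is 'crash' or 'restart'."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        msg = m.group(3)
        if CRASH_RE.search(msg):
            events.append((ts, "crash"))
        elif "ready for connections" in msg:
            events.append((ts, "restart"))
    return events


def crash_summary(events, window=timedelta(minutes=10), threshold=3):
    """Crash count, seconds until the next restart per crash, and a burst flag."""
    crashes = [ts for ts, kind in events if kind == "crash"]
    recover = []
    for ts in crashes:
        later = [r for r, kind in events if kind == "restart" and r > ts]
        recover.append((later[0] - ts).total_seconds() if later else None)
    # A burst is `threshold` or more crashes starting within one window.
    burst = any(
        sum(1 for c in crashes if start <= c < start + window) >= threshold
        for start in crashes
    )
    return {"crashes": len(crashes), "recover_seconds": recover, "burst": burst}


if __name__ == "__main__":
    print(crash_summary(parse_events(SAMPLE_LOG)))
```

A burst of crash-restart cycles on an unpatched MES PC is the availability symptom this advisory describes; a single crash with a long recovery gap is worth a ticket on its own.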
Evidence notes
The supplied source item (ICSA-26-027-02) is a CISA republication of a Festo Didactic SE advisory and explicitly states: 'MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.' The same corpus includes the Festo advisory reference, the CISA ICS advisory page, the CVE record, and CISA ICS recommended-practices links. The remediation entry says Festo Didactic has released Factory Control Panel as a replacement for XAMPP on its MES PCs and instructs users to contact technical support for the current version. No KEV entry or threat campaign is provided in the supplied corpus.
Official resources
- CVE-2022-27449 CVE record (CVE.org)
- CVE-2022-27449 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in the supplied CISA CSAF source on 2024-02-27; the corpus also shows a CISA republication on 2026-01-27. No KEV listing is present in the supplied data.