PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-27456 Festo Didactic SE CVE debrief

CVE-2022-27456 is a use-after-free in MariaDB Server v10.6.3 and below, identified in the advisory material for Festo Didactic SE MES PC. The advisory ties remediation to replacing the vulnerable XAMPP-based component with Factory Control Panel, and the published CVSS 3.1 vector indicates a network-reachable issue with no authentication required and high availability impact.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Administrators, operators, and support teams responsible for Festo Didactic SE MES PC deployments should care most, especially where the affected MariaDB/XAMPP stack is still in use. Security teams supporting industrial or lab/OT environments should also review exposure and replacement status.

Technical summary

The source corpus describes CVE-2022-27456 as a CWE-416 use-after-free in the MariaDB Server component VDec::VDec at /sql/sql_type.cc. The cited CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, which indicates a remotely reachable weakness with no privileges or user interaction required and a primary impact on availability.

Defensive priority

High. Even though the vector is availability-only, the no-auth, network-reachable profile and the advisory’s MES PC context make this worth prompt remediation on any still-deployed affected systems.

Recommended defensive actions

  • Confirm whether any Festo Didactic SE MES PC systems are still running the vulnerable XAMPP/MariaDB component described in the advisory.
  • Obtain the current Factory Control Panel version from Festo support as directed in the remediation guidance.
  • Plan for the restart required by the vulnerable component replacement and validate the updated system after maintenance.
  • Use the official CISA and vendor references to track advisory revisions and confirm you are using the latest remediation guidance.
  • If you cannot remediate immediately, reduce exposure by limiting network access to the affected MES PC environment and monitoring for instability or service disruption.

Evidence notes

This debrief is based only on the supplied CISA CSAF advisory record and the official links listed in the source corpus. The CVE publication date used here is 2024-02-27, matching the advisory publication date; the later 2026-01-27 entry is a CISA republication/revision date and not the original issue date. The record marks the issue as non-KEV and provides the official CVSS vector and CWE-416 mapping.

Official resources

Publicly disclosed in the CISA CSAF advisory record on 2024-02-27. The source corpus also shows a later CISA republication on 2026-01-27, which should not be treated as the original CVE issue date.