PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-32091 Festo Didactic SE CVE debrief

CVE-2022-32091 is a high-severity memory-safety issue described in CISA’s advisory materials for Festo Didactic SE MES PC. The source text says MariaDB v10.7 can hit a use-after-poison in __interceptor_memset, and the vendor remediation points MES PC users to Festo’s Factory Control Panel replacement for XAMPP. For defenders, the key question is whether any MES PC deployment still includes the affected MariaDB/XAMPP stack and whether the supported vendor replacement has been installed.

Vendor: Festo Didactic SE
Product: MES PC
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-27
Original CVE updated: 2026-01-27
Advisory published: 2024-02-27
Advisory updated: 2026-01-27

Who should care

Festo Didactic SE MES PC administrators, OT/industrial IT teams, engineers maintaining Factory Control Panel or XAMPP-based MES PC deployments, and security teams responsible for network-reachable availability-critical systems that may include MariaDB v10.7.

Technical summary

The advisory content associates CVE-2022-32091 with a use-after-poison condition in MariaDB v10.7 at __interceptor_memset within libsanitizer’s sanitizer_common interceptors. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) indicates a remotely reachable, low-complexity issue requiring no privileges or user interaction, with no confidentiality or integrity impact but high availability impact. The advisory is published under the Festo Didactic SE MES PC product tree and maps to CWE-416 (Use After Free) in the reference set, so defenders should treat it as an availability-focused memory-safety defect in the affected deployment context.

Defensive priority

High for any exposed or operational MES PC deployment: the score is 7.5 (HIGH), the attack surface is network-reachable, and the stated impact is high availability loss. If the affected component is present, remediation should be prioritized promptly.

Recommended defensive actions

  • Obtain and install the current Festo Factory Control Panel release from Festo technical support, as the advisory states it replaces XAMPP on MES PCs and includes fixes for the listed vulnerabilities.
  • Inventory MES PC systems to confirm whether MariaDB v10.7 / XAMPP-related components are present and whether they are covered by the supported vendor replacement.
  • Apply compensating controls until remediation is complete: restrict network exposure, segment affected OT assets, and limit access to the smallest practical set of hosts and users.
  • Validate post-update service behavior and any required restart of the vulnerable component during maintenance planning.
  • Use CISA ICS recommended practices and defense-in-depth guidance for isolation, monitoring, and change control on industrial systems.
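The inventory step above is the one most teams need to operationalise, so here is an added Python triage helper (not vendor tooling, and not part of the advisory) that takes version strings collected from MES PC hosts and flags builds in the MariaDB 10.7 family named by the advisory. The sample inventory lines are constructed for the example in the general shape of `mysqld --version` or `SELECT VERSION()` output; the debrief does not state a fixed version, so the script only separates "matches the named family" from "outside it" and leaves the coverage decision to the vendor confirmation step.

```python
"""Triage collected MariaDB/MySQL version strings against the advisory (added example)."""
import re

# Version family named in the advisory text. The debrief gives no fix-level
# version, so anything in this family is marked for vendor follow-up.
ADVISORY_FAMILY = (10, 7)

# Matches 'X.Y' or 'X.Y.Z', e.g. the 'Ver 10.7.3-MariaDB' fragment of
# `mysqld --version` or a bare '10.7.3-MariaDB' from SELECT VERSION().
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text):
    """Return (major, minor, patch_or_None, is_mariadb) or None if no version found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    patch = int(m.group(3)) if m.group(3) is not None else None
    is_mariadb = "mariadb" in text.lower()
    return int(m.group(1)), int(m.group(2)), patch, is_mariadb


def classify(host, text):
    """Classify one host's version output into a (host, status, reason) tuple."""
    parsed = parse_version(text)
    if parsed is None:
        return (host, "UNKNOWN", "no version string found; check the host manually")
    major, minor, patch, is_mariadb = parsed
    ver = f"{major}.{minor}" + (f".{patch}" if patch is not None else "")
    if not is_mariadb:
        return (host, "NOT_MARIADB", f"{ver} is not a MariaDB build")
    # Tuple comparison keeps 10.70.x from matching 10.7.x.
    if (major, minor) == ADVISORY_FAMILY:
        return (host, "REVIEW", f"MariaDB {ver} is in the 10.7 family named in the advisory")
    return (host, "OTHER", f"MariaDB {ver} is outside the named family; confirm coverage with vendor")


def triage(inventory):
    """Classify every host and return results with REVIEW entries first."""
    order = {"REVIEW": 0, "UNKNOWN": 1, "OTHER": 2, "NOT_MARIADB": 3}
    results = [classify(host, text) for host, text in inventory.items()]
    return sorted(results, key=lambda r: (order[r[1]], r[0]))


# Constructed sample inventory: host -> captured version output (not real hosts).
SAMPLE_INVENTORY = {
    "mes-pc-01": "mysqld  Ver 10.7.3-MariaDB for Win64 on AMD64 (mariadb.org binary distribution)",
    "mes-pc-02": "10.70.1-MariaDB",
    "mes-pc-03": "mysqld  Ver 8.0.36 for Win64 on x86_64 (MySQL Community Server - GPL)",
    "mes-pc-04": "mysqld: command not found",
    "mes-pc-05": "10.7.8-MariaDB-log",
}

if __name__ == "__main__":
    for host, status, reason in triage(SAMPLE_INVENTORY):
        print(f"{host:10s} {status:12s} {reason}")
```

Running the block as-is lists mes-pc-01 and mes-pc-05 first under REVIEW; in practice the inventory dict would be filled from whatever collection channel the OT team already uses, and the REVIEW set becomes the work list for the Factory Control Panel installation described in the first recommended action.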

Evidence notes

This debrief is based only on the supplied CISA CSAF source item and its linked references. The corpus contains a notable context mismatch: the advisory description names MariaDB v10.7 and __interceptor_memset, while the product tree and remediation are for Festo Didactic SE MES PC / Factory Control Panel replacement for XAMPP. The source revision history shows an initial 2024-02-27 release and a later 2026-01-27 republication; the CVE issue date should be treated as 2024-02-27, not the later republication date.

Official resources

CVE-2022-32091 was published on 2024-02-27. The supplied source advisory was initially released the same day and later republished by CISA on 2026-01-27; use the CVE publication date for issue timing, not the later republication date.