CVE-2010-5250 Festo CVE debrief

Who should care

OT/ICS administrators, Windows engineering-workstation owners, and any team running Festo Automation Suite with bundled CODESYS components should review this advisory. It matters most where untrusted local users can influence the working directory or where privileged processes start from writable paths.

Technical summary

The CVE text says Pthreads-win32 2.8.0 has an untrusted search path issue in pthread_win32_process_attach_np within pthreadGC2.dll. If a malicious quserex.dll is placed in the current working directory, the process may load that Trojan horse DLL and a local attacker can gain elevated privileges. The CISA-republished advisory maps the impacted packaging to Festo Automation Suite versions below 2.8.0.138 and specific bundled CODESYS Development System combinations.

Defensive priority

High

Recommended defensive actions

• Upgrade Festo Automation Suite to version 2.8.0.138 or later, where CODESYS is no longer bundled with the suite.
• Install the latest patched CODESYS release directly from the official CODESYS website and follow the vendor’s update instructions.
• Audit engineering workstations and service accounts so privileged processes do not run from user-writable directories.
• Monitor CISA, Festo, and CERTVDE advisories for follow-up updates and apply patches promptly.

Evidence notes

This debrief relies on the supplied CISA CSAF source item and its linked official references. The source description explicitly notes that some details come from third-party information, so vendor/product attribution should be treated carefully. The advisory metadata ties the issue to Festo Automation Suite/CODESYS packaging, while the CVE description itself names Pthreads-win32 2.8.0 and pthreadGC2.dll; that context mismatch is preserved rather than resolved here.

Official resources