PatchSiren cyber security CVE debrief
CVE-2022-47382 Schneider Electric CVE debrief
CISA published ICSA-26-076-01 on 2026-02-26 and republished the vendor advisory on 2026-03-17. The advisory describes a stack-based out-of-bounds write in the CmpTraceMgr component used by multiple CODESYS products. In affected Festo Automation Suite/CODESYS combinations, an authenticated remote attacker could corrupt stack memory, causing denial of service, memory overwriting, or potentially remote code execution.
- Vendor: Schneider Electric
- Product: HMISCU Controller
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2023-07-11
- Original CVE updated: 2026-01-20
- Advisory published: 2023-07-11
- Advisory updated: 2026-01-20
Who should care
OT and industrial automation teams running Festo Automation Suite, especially systems that include the listed CODESYS Development System versions or allow authenticated remote maintenance access.
Technical summary
The issue is a stack-based out-of-bounds write consistent with CWE-787 in the CmpTraceMgr component. Because the vulnerable component is used by multiple CODESYS products, impacted Festo Automation Suite installations can be exposed through bundled or separately installed CODESYS components. The advisory lists affected combinations including Festo Automation Suite versions below 2.8.0.138 and specific bundled CODESYS Development System versions. The attacker must be authenticated, but the impact can include stack corruption, process failure, and possible remote code execution.
Defensive priority
High. Prioritize remediation on any reachable or maintenance-accessible Festo/CODESYS engineering system, since the issue can lead to memory corruption and possible RCE.
Recommended defensive actions
- Upgrade affected Festo Automation Suite installations to version 2.8.0.138 or later.
- Install the latest patched CODESYS release directly from the official CODESYS website, following vendor instructions.
- Inventory systems that use the affected CODESYS Development System versions and confirm whether they are bundled or separately installed.
- Monitor Festo PSIRT and CODESYS security advisories and apply updates promptly.
- Review and restrict authenticated remote access to engineering and maintenance systems to only necessary accounts.
- Keep the Festo Automation Suite connector updated with the latest Festo-released updates.
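The inventory and upgrade steps above come down to one recurring check: is each engineering host's Festo Automation Suite build below the 2.8.0.138 fix version, and does the host carry CODESYS as a bundled or a separately installed component? The script below is an added example written for this debrief; it is not PatchSiren, Festo or CODESYS tooling. The inventory records, their field names (`fas_version`, `codesys_source`) and the hostnames are constructed assumptions; only the fix version 2.8.0.138 comes from the advisory. It compares versions numerically (a plain string comparison would wrongly rank 2.10 below 2.8) and refuses to treat an unparseable version as "fixed".

```python
"""Triage a constructed engineering-workstation inventory against the
Festo Automation Suite fix version named in the advisory (2.8.0.138).

Added example for this debrief, not vendor tooling. Host records, field
names and hostnames below are constructed assumptions."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# First fixed Festo Automation Suite version per the advisory.
FIXED_VERSION = "2.8.0.138"


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '2.8.0.138' into (2, 8, 0, 138).

    Raises ValueError on anything non-numeric so that an unparseable
    version string is never silently treated as already fixed."""
    parts = v.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {v!r}")
    return tuple(int(p) for p in parts)


def is_below(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when installed < fixed, comparing component-wise as integers.

    Shorter versions are zero-padded, so '2.8' is read as 2.8.0.0 and
    2.10.x correctly ranks above 2.8.x (string comparison would get that wrong)."""
    a, b = parse_version(installed), parse_version(fixed)
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return a < b


@dataclass
class Host:
    name: str
    fas_version: Optional[str]   # Festo Automation Suite version, None if not installed
    codesys_source: str          # assumed values: "bundled", "separate" or "none"


def triage(hosts: List[Host]) -> List[Tuple[str, str]]:
    """Return (hostname, finding) pairs for every host that needs action.

    A host can produce two findings: one for a below-fix Festo Automation
    Suite build and one for a separately installed CODESYS that must be
    patched from the official CODESYS release independently of the suite."""
    findings: List[Tuple[str, str]] = []
    for h in hosts:
        if h.fas_version is not None:
            try:
                below = is_below(h.fas_version)
            except ValueError:
                findings.append((h.name, "unparseable FAS version; verify manually"))
                continue
            if below:
                findings.append(
                    (h.name, f"FAS {h.fas_version} is below {FIXED_VERSION}: upgrade"))
        if h.codesys_source == "separate":
            findings.append(
                (h.name, "separately installed CODESYS: confirm it is on a patched "
                         "release from the official CODESYS website"))
    return findings


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_HOSTS = [
    Host("eng-ws-01", "2.7.0.41", "bundled"),
    Host("eng-ws-02", "2.8.0.138", "bundled"),
    Host("eng-ws-03", "2.8.1.2", "separate"),
    Host("eng-ws-04", "2.8", "bundled"),
    Host("eng-ws-05", "unknown", "none"),
]

if __name__ == "__main__":
    for host, finding in triage(SAMPLE_HOSTS):
        print(f"{host}: {finding}")
```

Feed it the real inventory export in place of `SAMPLE_HOSTS`; the point of the ValueError path is that a host whose version field is blank or free text lands in the findings list rather than disappearing from it.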
Evidence notes
This debrief is based on the CISA CSAF republished advisory (ICSA-26-076-01) and its referenced vendor sources. The supplied source metadata contains a vendor/product attribution inconsistency, so the debrief relies on the advisory title and body text: 'CODESYS in Festo Automation Suite.' Publication timing is taken from the supplied advisory dates: 2026-02-26 initial publication and 2026-03-17 CISA republication. No KEV entry was supplied.
Official resources
- CVE-2022-47382 CVE record (CVE.org)
- CVE-2022-47382 NVD detail (NVD)
- Source item URL: cisa_csaf
Publicly disclosed via CISA advisory ICSA-26-076-01 on 2026-02-26, with a CISA republication update on 2026-03-17. No KEV listing was provided.