PatchSiren cyber security CVE debrief
CVE-2021-30188 CVE debrief: CODESYS V2 runtime system SP (vendor attribution unknown in supplied metadata)
CVE-2021-30188 is a critical stack-based buffer overflow in CODESYS V2 runtime system SP before 2.4.7.55. The supplied advisory corpus ties the issue to Festo Automation Suite deployments that include CODESYS components, and it recommends moving to patched CODESYS builds and keeping the Festo Automation Suite connector updated. The CISA advisory in the corpus was published on 2026-02-26 and republished on 2026-03-17; no KEV entry is present in the supplied data.
- Vendor: Unknown Vendor in the supplied metadata (the affected software is the CODESYS V2 runtime system SP, distributed inside Festo Automation Suite)
- Product: CODESYS V2 runtime system SP, in Festo Automation Suite (recorded as FESTO in the supplied metadata)
- CVSS: CRITICAL 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-26 (date as recorded in the supplied data; the CVE identifier itself was assigned in 2021)
- Original CVE updated: 2026-03-17
- Advisory published: 2026-02-26
- Advisory updated: 2026-03-17
Who should care
OT/ICS asset owners, plant engineers, system integrators, and patch managers running Festo Automation Suite or other deployments that include affected CODESYS V2 runtime components. Security teams responsible for industrial endpoints and engineering workstations should also validate exposure.
Technical summary
The issue is a stack-based buffer overflow in CODESYS V2 runtime system SP before 2.4.7.55. The provided vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8): the flaw is reachable over the network (AV:N), needs no privileges or user interaction (PR:N, UI:N), and rates high on confidentiality, integrity, and availability. In practice, an unauthenticated network-reachable stack overflow in a PLC runtime should be handled as potential remote code execution, with a runtime crash (loss of control) as the minimum expected impact. The advisory metadata names Festo Automation Suite as the affected deployment context; later Festo guidance indicates that starting in version 2.8.0.138, CODESYS is no longer bundled and must be installed separately by the customer.
Defensive priority
Immediate
Recommended defensive actions
- Inventory all Festo Automation Suite and CODESYS installations and record the CODESYS runtime's own version (not the Festo Automation Suite version) to determine whether any system runs CODESYS V2 runtime SP below 2.4.7.55; compare version numbers numerically rather than as text.
- Update to the latest patched CODESYS version obtained directly from the official CODESYS website, following vendor installation guidance.
- Apply the latest Festo Automation Suite updates and keep the Festo Automation Suite connector current.
- If patching cannot be completed quickly, reduce exposure by restricting network access to engineering and runtime systems to known engineering workstations and applying OT segmentation; with AV:N and PR:N, any host that can reach the runtime's network interface can attempt exploitation.
- Monitor official CODESYS, Festo, CISA, and CertVDE advisories for follow-up guidance and version-specific remediation notes.
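The inventory step above is where most triage mistakes happen, so here is an added example (not vendor code, and not part of the advisory) of checking exported asset records against the 2.4.7.55 fix level. Hostnames, product strings, and version strings in the sample inventory are constructed; the bucket names and the `Asset` fields are this example's own. It treats versions as integer tuples because a text comparison clears vulnerable builds such as 2.4.7.9, which sorts after 2.4.7.55 as a string.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Fix level named in the advisory text: "CODESYS V2 runtime system SP before 2.4.7.55".
FIXED_VERSION: Tuple[int, ...] = (2, 4, 7, 55)

# First dotted numeric version in a free-text field, e.g. "V2.4.7.48" or "2.4.7.55 SP".
_VERSION_RE = re.compile(r"(\d+(?:\.\d+){1,3})")


@dataclass(frozen=True)
class Asset:
    host: str
    product: str   # free text as exported from the asset inventory (constructed here)
    version: str   # CODESYS runtime version as free text; not the Festo Automation Suite version


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Return the first dotted numeric version in text as an int tuple, or None."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def is_affected(version_text: str) -> Optional[bool]:
    """True for a V2 runtime build below 2.4.7.55, False if fixed or not a V2 build,
    None if the version string cannot be parsed.

    Compare integer tuples, never strings: '2.4.7.9' < '2.4.7.55' is False as text
    because '9' > '5', so a string comparison would mark a vulnerable build as fixed.
    """
    v = parse_version(version_text)
    if v is None:
        return None
    if v[0] != 2:
        return False  # CVE-2021-30188 is scoped to the V2 runtime in the advisory text
    padded = v + (0,) * (len(FIXED_VERSION) - len(v))  # treat "2.4.7" as "2.4.7.0"
    return padded < FIXED_VERSION


def classify(asset: Asset) -> str:
    """Bucket one asset: affected (patch now), fixed, out_of_scope, or unknown (check by hand)."""
    if "codesys" not in (asset.product + " " + asset.version).lower():
        return "out_of_scope"
    status = is_affected(asset.version)
    if status is None:
        return "unknown"      # never silently drop: an unparseable version needs a manual look
    if status:
        return "affected"
    v = parse_version(asset.version)
    return "fixed" if v and v[0] == 2 else "out_of_scope"


def triage(assets: List[Asset]) -> Dict[str, List[str]]:
    """Group hostnames by classification for the patch manager's worklist."""
    buckets: Dict[str, List[str]] = {"affected": [], "fixed": [], "out_of_scope": [], "unknown": []}
    for a in assets:
        buckets[classify(a)].append(a.host)
    return buckets


# Constructed sample inventory; these hosts and version strings are illustrative only.
SAMPLE_INVENTORY: List[Asset] = [
    Asset("eng-ws-01", "Festo Automation Suite (bundled CODESYS V2 runtime SP)", "V2.4.7.48"),
    Asset("eng-ws-02", "Festo Automation Suite (bundled CODESYS V2 runtime SP)", "2.4.7.55"),
    Asset("plc-line3", "CODESYS V2 runtime system SP", "2.4.7.9"),   # string compare would miss this
    Asset("plc-line4", "CODESYS Control V3", "3.5.17.0"),             # not a V2 runtime
    Asset("hmi-07", "CODESYS V2 runtime", "unknown"),                 # needs manual verification
    Asset("fileserver", "Windows Server", "2019"),                    # no CODESYS component
]


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:13s} {', '.join(hosts) or '-'}")
```

Feed it the exported inventory instead of `SAMPLE_INVENTORY` and work the `affected` list first; anything in `unknown` still needs a person to read the runtime version off the device or the installer before it is cleared.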
Evidence notes
Primary evidence comes from the supplied CISA CSAF advisory record ICSA-26-076-01 and its referenced vendor/CertVDE materials. The advisory description explicitly states: 'CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.' The corpus also includes remediation text advising customers to download the latest patched CODESYS release from the official website and keep the Festo Automation Suite connector updated. Vendor attribution in the supplied metadata is low-confidence and should be treated cautiously: the advisory title points to 'CODESYS in Festo Automation Suite,' while the description centers on CODESYS runtime software.
Official resources
- CVE-2021-30188 CVE record (CVE.org)
- CVE-2021-30188 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed in the supplied advisory corpus via CISA ICS Advisory ICSA-26-076-01 on 2026-02-26, with a CISA republication on 2026-03-17. No KEV listing is included in the supplied data.