PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-47393 CODESYS CVE debrief

CVE-2022-47393 is a denial-of-service issue affecting multiple versions of multiple CODESYS products that ship with, or are installed alongside, Festo Automation Suite. According to the CISA CSAF advisory, an authenticated remote attacker can exploit an improper restriction of operations within the bounds of a memory buffer (the CWE-119 weakness class) to force a denial of service. The CISA advisory was published on 2026-02-26 and updated on 2026-03-17; it is the initial CISA republication of Festo's own advisory.

Vendor
CODESYS
Product
Festo Automation Suite (bundled CODESYS components)
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-02-26
Original CVE updated
2026-03-17
Advisory published
2026-02-26
Advisory updated
2026-03-17

Who should care

Organizations running Festo Automation Suite with bundled or separately installed CODESYS components, especially OT/ICS teams, engineering workstations, and administrators responsible for patching industrial software.

Technical summary

The advisory describes an authenticated, remote attack path against multiple versions of multiple CODESYS products, resulting in denial of service. The supplied CVSS v3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) indicates network reachability, low attack complexity, low privileges required (a valid low-privilege account is the only precondition), no user interaction, unchanged scope, and high availability impact, with no confidentiality or integrity impact. That vector yields a base score of 6.5 (Medium).

Defensive priority

Medium. The issue is exploitable over the network by an attacker holding only low-privilege credentials and can disrupt availability, so it should be prioritized for affected engineering and OT environments. Treat it as higher wherever CODESYS credentials are shared or default, or where CODESYS services are reachable from the IT network, since credentials are the only barrier the vector leaves in place.

Recommended defensive actions

  • Update Festo Automation Suite to version 2.8.0.138 or later; the advisory notes that this release no longer bundles CODESYS, so CODESYS must then be installed separately.
  • Install the latest patched CODESYS version directly from the official CODESYS website and follow the vendor's update instructions.
  • Inventory every system running Festo Automation Suite for bundled or separately installed CODESYS components, and compare the installed versions against the affected combinations listed in the advisory.
  • Until patching is complete, limit network reachability of CODESYS services to trusted engineering hosts, since the vector requires network access plus a low-privilege account and nothing more.
  • Monitor CODESYS and Festo security advisories and apply updates promptly.
  • Keep Festo Automation Suite itself current by installing FAS updates as Festo releases them.

Evidence notes

The source is the CISA CSAF advisory ICSA-26-076-01, which republishes Festo's FSA-202601 advisory. The advisory title is 'CODESYS in Festo Automation Suite' and it lists affected combinations of Festo Automation Suite and CODESYS Development System versions. It states that an authenticated remote attacker may use an improper restriction of operations within the bounds of a memory buffer to force denial of service. The supplied CVSS v3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H; KEV status is not recorded in the stored evidence.

Official resources

CISA published ICSA-26-076-01 on 2026-02-26 and republished it on 2026-03-17; the source metadata says this is an initial CISA republication of Festo SE & Co. KG advisory FSA-202601.