PatchSiren

CVE-2024-8175 CODESYS CVE debrief

CVE-2024-8175 is a high-severity denial-of-service issue in the CODESYS web server as used in Festo Automation Suite. According to the advisory, an unauthenticated remote attacker can trigger invalid memory access that results in a DoS. The published remediation centers on moving to patched CODESYS releases and keeping the Festo Automation Suite connector updated.

Vendor: CODESYS
Product: FESTO
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-26
Original CVE updated: 2026-03-17
Advisory published: 2026-02-26
Advisory updated: 2026-03-17

Who should care

Festo Automation Suite users, OT/ICS administrators, plant engineers, and defenders responsible for CODESYS-based engineering or control environments should review this advisory, especially where internet-exposed or remotely reachable web server components are present.

Technical summary

The advisory describes an unauthenticated remote attack against the CODESYS web server component that leads to invalid memory access and service disruption. The supplied CSAF lists Festo Automation Suite configurations below 2.8.0.138 and several bundled CODESYS Development System combinations among the affected products. The impact is availability-only (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Defensive priority

High. Network-reachable, unauthenticated availability issues in industrial software can interrupt engineering workflows and adjacent operations, so remediation and exposure review should be prioritized.

Recommended defensive actions

  • Upgrade to the latest patched CODESYS version obtained directly from the official CODESYS website.
  • Follow the vendor's installation and update instructions to ensure all security fixes are applied.
  • Update Festo Automation Suite to the latest available release and keep the connector current.
  • Review where CODESYS web server components are deployed and limit network exposure where possible.
  • Monitor CODESYS and Festo security advisories for follow-on updates or revised guidance.

Evidence notes

This debrief is based on the CISA CSAF advisory ICSA-26-076-01 and the linked official references. The advisory states that an unauthenticated remote attacker can cause the CODESYS web server to access invalid memory, resulting in a DoS. The source metadata shows the advisory was published on 2026-02-26 and republished/modified on 2026-03-17. Vendor attribution in the supplied corpus is low-confidence and should be treated cautiously; the technical issue itself is clearly tied to CODESYS in Festo Automation Suite.

Official resources

CVE published: 2026-02-26T08:00:00.000Z. Advisory modified/republished: 2026-03-17T06:00:00.000Z. Use the published date for issue timing context.