CVE-2014-0760
Festo CECX-X-C1 and CECX-X-M1 Modular Controllers with CoDeSys - Improper Authentication via Undocumented FTP Access
Title source: llmDescription
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which could allow a remote attacker to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
References (2)
Core 2
Core References
US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-084-01
Scores
EPSS
0.0315
EPSS Percentile
86.3%
Details
CWE
CWE-287
Status
published
Products (6)
3s-software/codesys_runtime_system
Festo/CECX-X-C1 Modular Master Controller with CoDeSys
all
festo/cecx-x-c1_modular_master_controller
Festo/CECX-X-M1 Modular Controller with CoDeSys and SoftMotion
all
festo/cecx-x-m1_modular_controller
softmotion3d/softmotion
Published
Apr 25, 2014
Tracked Since
Feb 18, 2026