CVE-2014-0769

CVE-2014-0769: Festo CECX-X-(C1/M1) Controller Improper Authentication

Vendor Festo
Product CECX-X-C1 Modular Master Controller with CoDeSys
Weakness CWE-287 · Improper authentication
Published April 25, 2014
Last update July 2, 2025

CVSS base score

What the vulnerability does

01Description

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.

Key dates

02Disclosure timeline

April 25, 2014 CVE published
July 2, 2025 Record updated