Skip to main content

CISA issues advisory on vulnerability in Festo MSE6-C2M D2M E2M devices

November 27, 2025

Festo's MSE6-C2M, D2M, and E2M product lines contain a vulnerability that involves hidden functionality, which could be exploited remotely by an authenticated user with low privileges to affect the devices' confidentiality, integrity, and availability.

The identified issue, registered as CVE-2023-3634, impacts all versions of multiple product variants within the MSE6 family, including MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD and similar models with different identifiers. The vulnerability stems from undocumented test mode functions accessible remotely by authenticated attackers with limited privileges, with a Common Vulnerability Scoring System (CVSS) v3.1 base score of 8.8 and vector Antivirus Software (AV):N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. These functions are part of the firmware or software across all affected versions.

This vulnerability can lead to complete compromise of the affected devices, resulting in loss of confidentiality, integrity, and availability of the systems.

To address the issue, Festo has updated user documentation in newer product versions. No specific software patches or fixes were mentioned. The advisory recommends employing defensive network configurations and access controls to reduce exposure.

CISA advises minimizing network exposure of control system devices by restricting internet accessibility, placing control systems behind firewalls to isolate them from business networks, and using secure remote access methods like VPNs while maintaining updated systems. Organizations should conduct thorough impact analyses and risk assessments before applying these measures. Additional resources on control systems security best practices and mitigation strategies are available through CISA. Reporting any suspected malicious activities following internal protocols and to CISA is encouraged. Guidance to protect against social engineering includes avoiding unsolicited email links and attachments, supported by informational documents from CISA.