CVE-2023-3634
Undocumented Test Mode Allows Remote Authenticated Privilege Escalation in Festo MSE
Publication date: 2026-04-16
Last updated on: 2026-04-16
Assigner: CERT VDE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| festo | mse6 | * |
| festo | mse6-c2m | * |
| festo | mse6-d2m | * |
| festo | mse6-e2m | * |
| festo | mse6-c2m-5000 | * |
| festo | mse6-d2m-5000 | * |
| festo | mse6-e2m-5000 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1242 | The device includes chicken bits or undocumented features that can create entry points for unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in the MSE6 product family by Festo leads to a complete loss of confidentiality, integrity, and availability of the affected devices. Such impacts can negatively affect compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.
The root cause is incomplete user documentation and the use of protocols that no longer meet current security standards. This can result in unauthorized access if network isolation is inadequate, potentially causing data breaches or service disruptions.
To mitigate these risks and support compliance, Festo recommends minimizing and protecting network access using state-of-the-art security measures such as operating devices only in protected environments, using firewalls, VPN tunnels, user management, password features, encrypted communication, and maintaining up-to-date antivirus solutions.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided information does not include specific detection methods or commands to identify the presence or exploitation of the vulnerability on your network or system.
Can you explain this vulnerability to me?
CVE-2023-3634 affects the MSE6 product family by Festo and involves undocumented test mode functions that can be accessed remotely by an authenticated attacker with low privileges.
These hidden functions are not properly documented and can be exploited to cause a complete loss of confidentiality, integrity, and availability of the affected devices.
The root cause is incomplete user documentation that fails to disclose these authenticated test mode functions and other remote-accessible features.
The products were developed according to the state of the art at the time but use protocols that no longer meet current security standards.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to a complete loss of confidentiality, integrity, and availability of the affected devices.
- An attacker with low privileges and remote authenticated access can misuse undocumented test mode functions.
- This can result in denial of service (DoS), data integrity loss, or other malfunctions.
- If the industrial network is not properly isolated, unauthorized access becomes possible, increasing the risk of damage.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the vulnerability in the Festo MSE6 product family, it is recommended to minimize and protect network access using state-of-the-art security measures.
- Operate devices only in protected environments.
- Use firewalls to separate control networks.
- Employ VPN tunnels for remote access.
- Enable user management and password features.
- Use encrypted communication.
- Limit physical and OS-level access.
- Maintain up-to-date antivirus solutions.
Additionally, updating the user documentation in the next product version to properly cover these remote accessible functions is recommended.