Unrated severityNVD Advisory· Published Apr 25, 2014· Updated May 6, 2026

CVE-2014-0769

Description

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.

Affected products

3s Software/Codesys Runtime System
cpe:2.3:a:3s-software:codesys_runtime_system:-:*:*:*:*:*:*:*
Softmotion3d/Softmotion
cpe:2.3:a:softmotion3d:softmotion:-:*:*:*:*:*:*:*
Festo/Cecx X C1 Modular Master Controller
cpe:2.3:h:festo:cecx-x-c1_modular_master_controller:-:*:*:*:*:*:*:*
Festo/Cecx X M1 Modular Controller
cpe:2.3:h:festo:cecx-x-m1_modular_controller:-:*:*:*:*:*:*:*
Festo/Cecx X M1 Modular Controller With Codesys And Softmotionv5
Range: all

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-14-084-01nvdUS Government Resource
www.cisa.gov/news-events/ics-advisories/icsa-14-084-01nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000