Home / Vulnerability Intelligence / CVE-2023-3634

CVE-2023-3634 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 17, 2026

Festo MSE6 - Broken Access Control

Published: April 16, 2026Updated: April 17, 2026Remote Exploitable

Overview

Festo MSE6 product-family contains an undocumented test mode vulnerability, letting remote authenticated low privileged attackers cause complete loss of confidentiality, integrity, and availability, exploit requires authentication.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Authenticated low privileged attackers can fully compromise confidentiality, integrity, and availability of the system.

Mitigation

Update to the latest version or apply vendor patches addressing undocumented test mode access.

References

https://certvde.com/de/advisories/VDE-2023-020/
https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2023/fsa-202304.json

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2023-3634
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: unconfirmed

CWE

CWE-1242

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H