Description

An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial‑of‑service (DoS) condition.

INFO

Published Date :

2026-03-24T07:42:33.820Z

Last Modified :

2026-03-26T12:35:48.666Z

Source :

CERTVDE
AFFECTED PRODUCTS

The following products are affected by CVE-2026-3509 vulnerability.

Vendors Products
Codesys
  • Control For Beaglebone Sl
  • Control For Empc-a/imx6 Sl
  • Control For Iot2000 Sl
  • Control For Linux Arm Sl
  • Control For Linux Sl
  • Control For Pfc100 Sl
  • Control For Pfc200 Sl
  • Control For Plcnext Sl
  • Control For Raspberry Pi Sl
  • Control For Wago Touch Panels 600 Sl
  • Control Rte (sl)
  • Control Rte \(for Beckhoff Cx\) Sl
  • Control Win (sl)
  • Runtime Toolkit
  • Virtual Control Sl
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-3509.

URL Resource
https://certvde.com/de/advisories/VDE-2026-018 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact