CODESYS Control Audit Log Format String DoS_CVE-2026-3509

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial‑of‑service (DoS) condition.

Basic Information

ID CVE-2026-3509

Source CERTVDE

Published Mar 24, 2026 at 07:42

Modified Mar 26, 2026 at 12:35

Affected Product

Vendor CODESYS

Product CODESYS Control RTE (SL)

Version 3.5.17.0

Affected Versions CODESYS CODESYS Control RTE (SL) 3.5.17.0
CODESYS CODESYS Control RTE (for Beckhoff CX) SL 3.5.17.0
CODESYS CODESYS Control Win (SL) 3.5.17.0
CODESYS CODESYS Runtime Toolkit 3.5.17.0
CODESYS CODESYS Control for BeagleBone SL 4.1.0.0
CODESYS CODESYS Control for emPC-A/iMX6 SL 4.1.0.0
CODESYS CODESYS Control for IOT2000 SL 4.1.0.0
CODESYS CODESYS Control for Linux ARM SL 4.1.0.0
CODESYS CODESYS Control for Linux SL 4.1.0.0
CODESYS CODESYS Control for PFC100 SL 4.1.0.0
CODESYS CODESYS Control for PFC200 SL 4.1.0.0
CODESYS CODESYS Control for PLCnext SL 4.1.0.0
CODESYS CODESYS Control for Raspberry Pi SL 4.1.0.0
CODESYS CODESYS Control for WAGO Touch Panels 600 SL 4.1.0.0
CODESYS CODESYS Virtual Control SL 4.1.0.0

CWE Classification

CWE-134

References

certvde.com /de/advisories/VDE-2026-018

{
    "lastseen": "",
    "description": "An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial\u2011of\u2011service (DoS) condition.",
    "published": "2026-03-24T07:42:33.820Z",
    "modified": "2026-03-26T12:35:48.666Z",
    "type": "cve",
    "title": "CODESYS Control Audit Log Format String DoS",
    "source": "CERTVDE",
    "references": "https://certvde.com/de/advisories/VDE-2026-018",
    "id": "CVE-2026-3509",
    "bulletinFamily": "",
    "cwe": [
        "CWE-134"
    ],
    "cvelist": null,
    "sourceData": "CODESYS CODESYS Control RTE (SL) 3.5.17.0\nCODESYS CODESYS Control RTE (for Beckhoff CX) SL 3.5.17.0\nCODESYS CODESYS Control Win (SL) 3.5.17.0\nCODESYS CODESYS Runtime Toolkit 3.5.17.0\nCODESYS CODESYS Control for BeagleBone SL 4.1.0.0\nCODESYS CODESYS Control for emPC-A/iMX6 SL 4.1.0.0\nCODESYS CODESYS Control for IOT2000 SL 4.1.0.0\nCODESYS CODESYS Control for Linux ARM SL 4.1.0.0\nCODESYS CODESYS Control for Linux SL 4.1.0.0\nCODESYS CODESYS Control for PFC100 SL 4.1.0.0\nCODESYS CODESYS Control for PFC200 SL 4.1.0.0\nCODESYS CODESYS Control for PLCnext SL 4.1.0.0\nCODESYS CODESYS Control for Raspberry Pi SL 4.1.0.0\nCODESYS CODESYS Control for WAGO Touch Panels 600 SL 4.1.0.0\nCODESYS CODESYS Virtual Control SL 4.1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CODESYS Control RTE (SL)",
    "version": "3.5.17.0",
    "vendor": "CODESYS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}