#OT #Advisory VDE-2026-018CODESYS Control V3 - Externally-controlled format string in Auditlog

#OT #Advisory VDE-2026-018
CODESYS Control V3 - Externally-controlled format string in Auditlog

The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.
#CVE CVE-2026-3509

https://certvde.com/en/advisories/vde-2026-018/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-03_vde-2026-018.json

#OT #Advisory VDE-2026-011
CODESYS Control V3 - Untrusted boot application

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.
#CVE CVE-2025-41660

https://certvde.com/en/advisories/vde-2026-011/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json