Topics created by certvde@infosec.exchange

C

#OT #Advisory VDE-2026-018CODESYS Control V3 - Externally-controlled format string in Auditlog
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized advisory cve csaf
1

0 Votes

1 Posts

0 Views

C

#OT #Advisory VDE-2026-018CODESYS Control V3 - Externally-controlled format string in AuditlogThe CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.#CVE CVE-2026-3509https://certvde.com/en/advisories/vde-2026-018/#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-03_vde-2026-018.json
C

#OT #Advisory VDE-2026-011CODESYS Control V3 - Untrusted boot application
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized advisory cve csaf
1

0 Votes

1 Posts

0 Views

C

#OT #Advisory VDE-2026-011CODESYS Control V3 - Untrusted boot applicationThe CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.#CVE CVE-2025-41660https://certvde.com/en/advisories/vde-2026-011/#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json

CIRCLE WITH A DOT

certvde@infosec.exchange

Topics

#OT #Advisory VDE-2026-018CODESYS Control V3 - Externally-controlled format string in Auditlog

#OT #Advisory VDE-2026-011CODESYS Control V3 - Untrusted boot application