CVE-2026-3509

🗓️ 24 Mar 2026 07:42:33Reported by CERTVDEType

Unauthenticated attacker can control the audit log format string in Codesys Control, risking denial of service.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-3509	24 Mar 202607:42	–	attackerkb
Circl	CVE-2026-3509	24 Mar 202607:16	–	circl
CNNVD	CODESYS Control runtime system 格式化字符串错误漏洞	24 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-3509 CODESYS Control Audit Log Format String DoS	24 Mar 202607:42	–	cvelist
EUVD	EUVD-2026-14784	24 Mar 202609:30	–	euvd
NVD	CVE-2026-3509	24 Mar 202608:16	–	nvd
Positive Technologies	PT-2026-27353	24 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-3509	26 Mar 202615:04	–	redhatcve
Vulnrichment	CVE-2026-3509 CODESYS Control Audit Log Format String DoS	24 Mar 202607:42	–	vulnrichment

Vulners

Node

codesys codesys_control_rteRange<3.5.22.0

codesys codesys_control_rte_slRange<3.5.22.0

codesys codesys_control_winRange<3.5.22.0

codesys codesys_runtime_toolkit_32_bit_fullRange<3.5.22.0

codesys codesys_control_for_beaglebone_slRange<4.21.0.0

codesys codesys_control_for_empc-a/imx6_slRange<4.21.0.0

codesys codesys_control_for_iot2000_slRange<4.21.0.0

codesys codesys_control_for_linux_arm_slRange<4.21.0.0

codesys codesys_control_for_linux_slRange<4.21.0.0

codesys codesys_control_for_pfc100_slRange<4.21.0.0

codesys codesys_control_for_pfc200_slRange<4.21.0.0

codesys codesys_control_for_plcnext_slRange<4.21.0.0

codesys codesys_control_for_raspberry_pi_slRange<4.21.0.0

codesys codesys_control_for_wago_touch_panels_600_slRange<4.21.0.0

codesys codesys_virtual_control_slRange<4.21.0.0

[
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control RTE (SL)",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "3.5.22.0",
        "status": "affected",
        "version": "3.5.17.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control RTE (for Beckhoff CX) SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "3.5.22.0",
        "status": "affected",
        "version": "3.5.17.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control Win (SL)",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "3.5.22.0",
        "status": "affected",
        "version": "3.5.17.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Runtime Toolkit",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "3.5.22.0",
        "status": "affected",
        "version": "3.5.17.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for BeagleBone SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for emPC-A/iMX6 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for IOT2000 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for Linux ARM SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for Linux SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for PFC100 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for PFC200 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for PLCnext SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for Raspberry Pi SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Control for WAGO Touch Panels 600 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CODESYS Virtual Control SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "lessThan": "4.21.0.0",
        "status": "affected",
        "version": "4.1.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
certvde	www.certvde.com/de/advisories/VDE-2026-018

17 Jun 2026 10:43Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.17.5

EPSS0.00353

SSVC

CWE-134