Vulnerability-Lookup

CVE-2026-8046 (GCVE-0-2026-8046)

Vulnerability from cvelistv5 – Published: 2026-05-26 06:45 – Updated: 2026-05-26 10:48

Title

Incorrect Authorization in CODESYS Control

Summary

The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.

Severity

7.2 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-863 - Incorrect Authorization

Assigner

CERTVDE

References

1 reference

URL	Tags
https://www.certvde.com/en/advisories/VDE-2026-056/

Impacted products

16 products

Vendor	Product	Version
CODESYS	CODESYS Control RTE (SL)	Affected: 3.0.0.0 , < 3.5.22.20 (semver)
CODESYS	CODESYS Control RTE (for Beckhoff CX) SL	Affected: 3.0.0.0 , < 3.5.22.20 (semver)
CODESYS	CODESYS Control Win (SL)	Affected: 3.0.0.0 , < 3.5.22.20 (semver)
CODESYS	CODESYS HMI (SL)	Affected: 3.0.0.0 , < 3.5.22.20 (semver)
CODESYS	CODESYS Runtime Toolkit	Affected: 3.0.0.0 , < 3.5.22.20 (semver)
CODESYS	CODESYS Control for BeagleBone SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for emPC-A/iMX6 SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for IOT2000 SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for Linux ARM SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for Linux SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for PFC100 SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for PFC200 SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for PLCnext SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for Raspberry Pi SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Control for WAGO Touch Panels 600 SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)
CODESYS	CODESYS Virtual Control SL	Affected: 3.0.0.0 , < 4.21.0.0 (semver)

Credits

ABB AG

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8046",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-26T10:44:58.318097Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-26T10:48:37.908Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control RTE (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.22.20",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control RTE (for Beckhoff CX) SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.22.20",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control Win (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.22.20",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS HMI (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.22.20",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Runtime Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.22.20",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for BeagleBone SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for emPC-A/iMX6 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for IOT2000 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Linux ARM SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Linux SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PFC100 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PFC200 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PLCnext SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Raspberry Pi SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for WAGO Touch Panels 600 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Virtual Control SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.21.0.0",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.5.22.20",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.5.22.20",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.5.22.20",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.5.22.20",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.5.22.20",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        },
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:codesys:codesys_virtual_control_sl_:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.21.0.0",
                  "versionStartIncluding": "3.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ABB AG"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
            }
          ],
          "value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863 Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-26T06:46:47.189Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://www.certvde.com/en/advisories/VDE-2026-056/"
        }
      ],
      "source": {
        "advisory": "VDE-2026-056",
        "defect": [
          "CERT@VDE#642072"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect Authorization in CODESYS Control",
      "x_generator": {
        "engine": "Vulnogram 0.4.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2026-8046",
    "datePublished": "2026-05-26T06:45:21.724Z",
    "dateReserved": "2026-05-06T17:10:12.759Z",
    "dateUpdated": "2026-05-26T10:48:37.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-8046",
      "date": "2026-05-27",
      "epss": "0.00096",
      "percentile": "0.2642"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-8046\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2026-05-26T08:16:22.267\",\"lastModified\":\"2026-05-26T20:00:24.897\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"references\":[{\"url\":\"https://www.certvde.com/en/advisories/VDE-2026-056/\",\"source\":\"info@cert.vde.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-8046\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-26T10:44:58.318097Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-26T10:48:33.305Z\"}}], \"cna\": {\"title\": \"Incorrect Authorization in CODESYS Control\", \"source\": {\"defect\": [\"CERT@VDE#642072\"], \"advisory\": \"VDE-2026-056\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"ABB AG\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.2, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control RTE (SL)\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"3.5.22.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control RTE (for Beckhoff CX) SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"3.5.22.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control Win (SL)\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"3.5.22.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS HMI (SL)\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"3.5.22.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Runtime Toolkit\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"3.5.22.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for BeagleBone SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for emPC-A/iMX6 SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for IOT2000 SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for Linux ARM SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for Linux SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for PFC100 SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for PFC200 SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for PLCnext SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for Raspberry Pi SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Control for WAGO Touch Panels 600 SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"CODESYS\", \"product\": \"CODESYS Virtual Control SL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0.0\", \"lessThan\": \"4.21.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.certvde.com/en/advisories/VDE-2026-056/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.4.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863 Incorrect Authorization\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.5.22.20\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.5.22.20\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.5.22.20\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.5.22.20\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.5.22.20\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}, {\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:codesys:codesys_virtual_control_sl_:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.21.0.0\", \"versionStartIncluding\": \"3.0.0.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2026-05-26T06:46:47.189Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-8046\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-26T10:48:37.908Z\", \"dateReserved\": \"2026-05-06T17:10:12.759Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2026-05-26T06:45:21.724Z\", \"assignerShortName\": \"CERTVDE\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

ADVISORY2026-08_VDE-2026-056

Vulnerability from csaf_codesysgmbh - Published: 2026-05-26 10:00 - Updated: 2026-05-26 10:00

Summary

CODESYS Control - Incorrect Authorization

Severity

High

Notes

Summary: The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users. Due to insufficient authorization checks an authenticated remote user with low-privileged visualization administrator access can delete higher-privileged accounts. However, independent mechanisms protect the deletion of the last remaining device admin user, preventing a complete loss of administrative access to the device. The CODESYS Control runtime system is only affected if the optional visualization user management feature is enabled and a visualization administrator account has been configured.

Impact: Successful exploitation of this vulnerability allows an authenticated, low-privileged remote visualization administrator to perform unauthorized deletion of user accounts within the device user management. This results in a persistent denial-of-service for legitimate users and may prevent logins of communciation clients.

Remediation: Update the following products to version 3.5.22.20. * CODESYS Control RTE (SL) * CODESYS Control RTE (for Beckhoff CX) SL * CODESYS Control Win (SL) * CODESYS HMI (SL) * CODESYS Runtime Toolkit Update the following products to version 4.21.0.0. The release of this version is expected in June 2026. * CODESYS Control for BeagleBone SL * CODESYS Control for emPC-A/iMX6 SL * CODESYS Control for IOT2000 SL * CODESYS Control for Linux ARM SL * CODESYS Control for Linux SL * CODESYS Control for PFC100 SL * CODESYS Control for PFC200 SL * CODESYS Control for PLCnext SL * CODESYS Control for Raspberry Pi SL * CODESYS Control for WAGO Touch Panels 600 SL * CODESYS Virtual Control SL The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.

General Recommendation: As part of a security strategy, CODESYS GmbH strongly recommends at least the following best-practice defense measures: * Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside * Use firewalls to protect and separate the control system network from other networks * Activate and apply user management and password features * Limit the access to both development and control system by physical means, operating system features, etc. * Use encrypted communication links * Use VPN (Virtual Private Networks) tunnels if remote access is required * Protect both development and control system by using up to date virus detecting solutions For more information and general recommendations for protecting machines and plants, see also the CODESYS Security Whitepaper [here.](https://www.customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf)

Disclaimer: CODESYS GmbH assumes no liability whatsoever for indirect, collateral, accidental or consequential losses that occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided on good faith by CODESYS GmbH. Insofar as permissible by law, however, none of this information shall establish any guarantee, commitment or liability on the part of CODESYS GmbH. Note: Not all CODESYS features are available in all territories. For more information on geographic restrictions, please contact sales@codesys.com.

CVE-2026-8046

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE-863 - Incorrect Authorization

Vendor Fix Update the following products to version 3.5.22.20. * CODESYS Control RTE (SL) * CODESYS Control RTE (for Beckhoff CX) SL * CODESYS Control Win (SL) * CODESYS HMI (SL) * CODESYS Runtime Toolkit The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.

None Available Update the following products to version 4.21.0.0. The release of this version is expected in June 2026. * CODESYS Control for BeagleBone SL * CODESYS Control for emPC-A/iMX6 SL * CODESYS Control for IOT2000 SL * CODESYS Control for Linux ARM SL * CODESYS Control for Linux SL * CODESYS Control for PFC100 SL * CODESYS Control for PFC200 SL * CODESYS Control for PLCnext SL * CODESYS Control for Raspberry Pi SL * CODESYS Control for WAGO Touch Panels 600 SL * CODESYS Virtual Control SL The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.

Affected products

Fixed 16 products

Product	Identifier	Version	Remediation
CODESYS Control RTE (SL) 3.5.22.20 CODESYS / Software / CODESYS Control RTE (SL)		3.5.22.20
CODESYS Control RTE (for Beckhoff CX) SL 3.5.22.20 CODESYS / Software / CODESYS Control RTE (for Beckhoff CX) SL		3.5.22.20
CODESYS Control Win (SL) 3.5.22.20 CODESYS / Software / CODESYS Control Win (SL)		3.5.22.20
CODESYS HMI (SL) 3.5.22.20 CODESYS / Software / CODESYS HMI (SL)		3.5.22.20
CODESYS Runtime Toolkit 3.5.22.20 CODESYS / Software / CODESYS Runtime Toolkit		3.5.22.20
CODESYS Control for BeagleBone SL 4.21.0.0 CODESYS / Software / CODESYS Control for BeagleBone SL		4.21.0.0
CODESYS Control for emPC-A/iMX6 SL 4.21.0.0 CODESYS / Software / CODESYS Control for emPC-A/iMX6 SL		4.21.0.0
CODESYS Control for IOT2000 SL 4.21.0.0 CODESYS / Software / CODESYS Control for IOT2000 SL		4.21.0.0
CODESYS Control for Linux ARM SL 4.21.0.0 CODESYS / Software / CODESYS Control for Linux ARM SL		4.21.0.0
CODESYS Control for Linux SL 4.21.0.0 CODESYS / Software / CODESYS Control for Linux SL		4.21.0.0
CODESYS Control for PFC100 SL 4.21.0.0 CODESYS / Software / CODESYS Control for PFC100 SL		4.21.0.0
CODESYS Control for PFC200 SL 4.21.0.0 CODESYS / Software / CODESYS Control for PFC200 SL		4.21.0.0
CODESYS Control for PLCnext SL 4.21.0.0 CODESYS / Software / CODESYS Control for PLCnext SL		4.21.0.0
CODESYS Control for Raspberry Pi SL 4.21.0.0 CODESYS / Software / CODESYS Control for Raspberry Pi SL		4.21.0.0
CODESYS Control for WAGO Touch Panels 600 SL 4.21.0.0 CODESYS / Software / CODESYS Control for WAGO Touch Panels 600 SL		4.21.0.0
CODESYS Virtual Control SL 4.21.0.0 CODESYS / Software / CODESYS Virtual Control SL		4.21.0.0

Known affected 16 products

Product	Identifier	Version	Remediation
CODESYS Control RTE (SL) < 3.5.22.20 CODESYS / Software / CODESYS Control RTE (SL)		vers:generic/<3.5.22.20
CODESYS Control RTE (for Beckhoff CX) SL < 3.5.22.20 CODESYS / Software / CODESYS Control RTE (for Beckhoff CX) SL		vers:generic/<3.5.22.20
CODESYS Control Win (SL) < 3.5.22.20 CODESYS / Software / CODESYS Control Win (SL)		vers:generic/<3.5.22.20
CODESYS HMI (SL) < 3.5.22.20 CODESYS / Software / CODESYS HMI (SL)		vers:generic/<3.5.22.20
CODESYS Runtime Toolkit < 3.5.22.20 CODESYS / Software / CODESYS Runtime Toolkit		vers:generic/<3.5.22.20
CODESYS Control for BeagleBone SL < 4.21.0.0 CODESYS / Software / CODESYS Control for BeagleBone SL		vers:generic/<4.21.0.0
CODESYS Control for emPC-A/iMX6 SL < 4.21.0.0 CODESYS / Software / CODESYS Control for emPC-A/iMX6 SL		vers:generic/<4.21.0.0
CODESYS Control for IOT2000 SL < 4.21.0.0 CODESYS / Software / CODESYS Control for IOT2000 SL		vers:generic/<4.21.0.0
CODESYS Control for Linux ARM SL < 4.21.0.0 CODESYS / Software / CODESYS Control for Linux ARM SL		vers:generic/<4.21.0.0
CODESYS Control for Linux SL < 4.21.0.0 CODESYS / Software / CODESYS Control for Linux SL		vers:generic/<4.21.0.0
CODESYS Control for PFC100 SL < 4.21.0.0 CODESYS / Software / CODESYS Control for PFC100 SL		vers:generic/<4.21.0.0
CODESYS Control for PFC200 SL < 4.21.0.0 CODESYS / Software / CODESYS Control for PFC200 SL		vers:generic/<4.21.0.0
CODESYS Control for PLCnext SL < 4.21.0.0 CODESYS / Software / CODESYS Control for PLCnext SL		vers:generic/<4.21.0.0
CODESYS Control for Raspberry Pi SL < 4.21.0.0 CODESYS / Software / CODESYS Control for Raspberry Pi SL		vers:generic/<4.21.0.0
CODESYS Control for WAGO Touch Panels 600 SL < 4.21.0.0 CODESYS / Software / CODESYS Control for WAGO Touch Panels 600 SL		vers:generic/<4.21.0.0
CODESYS Virtual Control SL < 4.21.0.0 CODESYS / Software / CODESYS Virtual Control SL		vers:generic/<4.21.0.0

References

6 references

URL	Category
https://www.certvde.com/en/advisories/vendor/codesys	external
https://www.certvde.com/en/advisories/VDE-2026-056/	self
https://codesys.csaf-tp.certvde.com/.well-known/c…	self
https://www.codesys.com/security/security-reports.html	external
https://api-www.codesys.com/fileadmin/user_upload…	self
https://www.first.org/cvss/calculator/4.0#CVSS:4.…	external

Acknowledgments

CERT@VDE www.certvde.com

ABB AG

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://www.certvde.com"
        ]
      },
      {
        "organization": "ABB AG",
        "summary": "reporting"
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "High"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.\n\nDue to insufficient authorization checks an authenticated remote user with low-privileged visualization administrator access can delete higher-privileged accounts. However, independent mechanisms protect the deletion of the last remaining device admin user, preventing a complete loss of administrative access to the device.\n\nThe CODESYS Control runtime system is only affected if the optional visualization user management feature is enabled and a visualization administrator account has been configured.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Successful exploitation of this vulnerability allows an authenticated, low-privileged remote visualization administrator to perform unauthorized deletion of user accounts within the device user management. This results in a persistent denial-of-service for legitimate users and may prevent logins of communciation clients.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Update the following products to version 3.5.22.20.\n* CODESYS Control RTE (SL)\n* CODESYS Control RTE (for Beckhoff CX) SL\n* CODESYS Control Win (SL)\n* CODESYS HMI (SL)\n* CODESYS Runtime Toolkit\n\nUpdate the following products to version 4.21.0.0.  The release of this version is expected in June 2026.\n* CODESYS Control for BeagleBone SL\n* CODESYS Control for emPC-A/iMX6 SL\n* CODESYS Control for IOT2000 SL\n* CODESYS Control for Linux ARM SL\n* CODESYS Control for Linux SL\n* CODESYS Control for PFC100 SL\n* CODESYS Control for PFC200 SL\n* CODESYS Control for PLCnext SL\n* CODESYS Control for Raspberry Pi SL\n* CODESYS Control for WAGO Touch Panels 600 SL\n* CODESYS Virtual Control SL\n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded\nand installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as\nwell as for all other products, you will find further information on obtaining the software update in the CODESYS\nUpdate area https://www.codesys.com/download/.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "As part of a security strategy, CODESYS GmbH strongly recommends at least the following best-practice\ndefense measures:\n\n* Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n* Use firewalls to protect and separate the control system network from other networks\n* Activate and apply user management and password features\n* Limit the access to both development and control system by physical means, operating system features, etc.\n* Use encrypted communication links\n* Use VPN (Virtual Private Networks) tunnels if remote access is required\n* Protect both development and control system by using up to date virus detecting solutions\n\nFor more information and general recommendations for protecting machines and plants, see also the\nCODESYS Security Whitepaper [here.](https://www.customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf)",
        "title": "General Recommendation"
      },
      {
        "category": "legal_disclaimer",
        "text": "CODESYS GmbH assumes no liability whatsoever for indirect, collateral, accidental or consequential losses\nthat occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided on good faith by CODESYS GmbH.\nInsofar as permissible by law, however, none of this information shall establish any guarantee, commitment or\nliability on the part of CODESYS GmbH.\n\nNote: Not all CODESYS features are available in all territories. For more information on geographic restrictions,\nplease contact sales@codesys.com.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "security@codesys.com",
      "name": "CODESYS GmbH",
      "namespace": "https://www.codesys.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for CODESYS GmbH",
        "url": "https://www.certvde.com/en/advisories/vendor/codesys"
      },
      {
        "category": "self",
        "summary": "Advisory2026-08_VDE-2026-056: CODESYS Control - Incorrect Authorization - HTML",
        "url": "https://www.certvde.com/en/advisories/VDE-2026-056/"
      },
      {
        "category": "self",
        "summary": "Advisory2026-08_VDE-2026-056: CODESYS Control - Incorrect Authorization - CSAF",
        "url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-08_vde-2026-056.json"
      },
      {
        "category": "external",
        "summary": "CODESYS Security Advisories",
        "url": "https://www.codesys.com/security/security-reports.html"
      },
      {
        "category": "self",
        "summary": "Advisory2026-08_VDE-2026-056: CODESYS Control - Incorrect Authorization - PDF",
        "url": "https://api-www.codesys.com/fileadmin/user_upload/CODESYS_Group/Ecosystem/Up-to-Date/Security/Security-Advisories/Advisory2026-08_CDS-97148.pdf"
      }
    ],
    "title": "CODESYS Control - Incorrect Authorization",
    "tracking": {
      "aliases": [
        "VDE-2026-056",
        "CODESYS Security Advisory 2026-08"
      ],
      "current_release_date": "2026-05-26T10:00:00.000Z",
      "generator": {
        "date": "2026-05-22T12:45:40.344Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.44"
        }
      },
      "id": "Advisory2026-08_VDE-2026-056",
      "initial_release_date": "2026-05-26T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-05-26T10:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c3.5.22.20",
                    "product": {
                      "name": "CODESYS Control RTE (SL) \u003c 3.5.22.20",
                      "product_id": "CSAFPID-51001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "3.5.22.20",
                    "product": {
                      "name": "CODESYS Control RTE (SL) 3.5.22.20",
                      "product_id": "CSAFPID-52001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control RTE (SL)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c3.5.22.20",
                    "product": {
                      "name": "CODESYS Control RTE (for Beckhoff CX) SL \u003c 3.5.22.20",
                      "product_id": "CSAFPID-51002"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "3.5.22.20",
                    "product": {
                      "name": "CODESYS Control RTE (for Beckhoff CX) SL 3.5.22.20",
                      "product_id": "CSAFPID-52002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control RTE (for Beckhoff CX) SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c3.5.22.20",
                    "product": {
                      "name": "CODESYS Control Win (SL) \u003c 3.5.22.20",
                      "product_id": "CSAFPID-51003"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "3.5.22.20",
                    "product": {
                      "name": "CODESYS Control Win (SL) 3.5.22.20",
                      "product_id": "CSAFPID-52003"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control Win (SL)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c3.5.22.20",
                    "product": {
                      "name": "CODESYS HMI (SL) \u003c 3.5.22.20",
                      "product_id": "CSAFPID-51004"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "3.5.22.20",
                    "product": {
                      "name": "CODESYS HMI (SL) 3.5.22.20",
                      "product_id": "CSAFPID-52004"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS HMI (SL)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c3.5.22.20",
                    "product": {
                      "name": "CODESYS Runtime Toolkit \u003c 3.5.22.20",
                      "product_id": "CSAFPID-51005"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "3.5.22.20",
                    "product": {
                      "name": "CODESYS Runtime Toolkit 3.5.22.20",
                      "product_id": "CSAFPID-52005"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Runtime Toolkit"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for BeagleBone SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51006"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for BeagleBone SL 4.21.0.0",
                      "product_id": "CSAFPID-52006"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for BeagleBone SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for emPC-A/iMX6 SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51007"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for emPC-A/iMX6 SL 4.21.0.0",
                      "product_id": "CSAFPID-52007"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for emPC-A/iMX6 SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for IOT2000 SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51008"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for IOT2000 SL 4.21.0.0",
                      "product_id": "CSAFPID-52008"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for IOT2000 SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Linux ARM SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51009"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Linux ARM SL 4.21.0.0",
                      "product_id": "CSAFPID-52009"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for Linux ARM SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Linux SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51010"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Linux SL 4.21.0.0",
                      "product_id": "CSAFPID-52010"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for Linux SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PFC100 SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51011"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PFC100 SL 4.21.0.0",
                      "product_id": "CSAFPID-52011"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for PFC100 SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PFC200 SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51012"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PFC200 SL 4.21.0.0",
                      "product_id": "CSAFPID-52012"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for PFC200 SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PLCnext SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51013"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for PLCnext SL 4.21.0.0",
                      "product_id": "CSAFPID-52013"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for PLCnext SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Raspberry Pi SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51014"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for Raspberry Pi SL 4.21.0.0",
                      "product_id": "CSAFPID-52014"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for Raspberry Pi SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for WAGO Touch Panels 600 SL \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51015"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Control for WAGO Touch Panels 600 SL 4.21.0.0",
                      "product_id": "CSAFPID-52015"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Control for WAGO Touch Panels 600 SL"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:generic/\u003c4.21.0.0",
                    "product": {
                      "name": "CODESYS Virtual Control SL  \u003c 4.21.0.0",
                      "product_id": "CSAFPID-51016"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.21.0.0",
                    "product": {
                      "name": "CODESYS Virtual Control SL  4.21.0.0",
                      "product_id": "CSAFPID-52016"
                    }
                  }
                ],
                "category": "product_name",
                "name": "CODESYS Virtual Control SL "
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "CODESYS"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-1001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003",
          "CSAFPID-51004",
          "CSAFPID-51005"
        ],
        "summary": "Affected products v3.5.x."
      },
      {
        "group_id": "CSAFGID-2001",
        "product_ids": [
          "CSAFPID-52001",
          "CSAFPID-52002",
          "CSAFPID-52003",
          "CSAFPID-52004",
          "CSAFPID-52005"
        ],
        "summary": "Fixed products v3.5.x."
      },
      {
        "group_id": "CSAFGID-1002",
        "product_ids": [
          "CSAFPID-51006",
          "CSAFPID-51007",
          "CSAFPID-51008",
          "CSAFPID-51009",
          "CSAFPID-51010",
          "CSAFPID-51011",
          "CSAFPID-51012",
          "CSAFPID-51013",
          "CSAFPID-51014",
          "CSAFPID-51015",
          "CSAFPID-51016"
        ],
        "summary": "Affected products v4.x."
      },
      {
        "group_id": "CSAFGID-2002",
        "product_ids": [
          "CSAFPID-52006",
          "CSAFPID-52007",
          "CSAFPID-52008",
          "CSAFPID-52009",
          "CSAFPID-52010",
          "CSAFPID-52011",
          "CSAFPID-52012",
          "CSAFPID-52013",
          "CSAFPID-52014",
          "CSAFPID-52015",
          "CSAFPID-52016"
        ],
        "summary": "Fixed products v4.x."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-8046",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-52001",
          "CSAFPID-52002",
          "CSAFPID-52003",
          "CSAFPID-52004",
          "CSAFPID-52005",
          "CSAFPID-52006",
          "CSAFPID-52007",
          "CSAFPID-52008",
          "CSAFPID-52009",
          "CSAFPID-52010",
          "CSAFPID-52011",
          "CSAFPID-52012",
          "CSAFPID-52013",
          "CSAFPID-52014",
          "CSAFPID-52015",
          "CSAFPID-52016"
        ],
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003",
          "CSAFPID-51004",
          "CSAFPID-51005",
          "CSAFPID-51006",
          "CSAFPID-51007",
          "CSAFPID-51008",
          "CSAFPID-51009",
          "CSAFPID-51010",
          "CSAFPID-51011",
          "CSAFPID-51012",
          "CSAFPID-51013",
          "CSAFPID-51014",
          "CSAFPID-51015",
          "CSAFPID-51016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N - 7.2 / High",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update the following products to version 3.5.22.20.\n* CODESYS Control RTE (SL)\n* CODESYS Control RTE (for Beckhoff CX) SL\n* CODESYS Control Win (SL)\n* CODESYS HMI (SL)\n* CODESYS Runtime Toolkit\n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded\nand installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as\nwell as for all other products, you will find further information on obtaining the software update in the CODESYS\nUpdate area https://www.codesys.com/download/.",
          "group_ids": [
            "CSAFGID-1001"
          ]
        },
        {
          "category": "none_available",
          "details": "Update the following products to version 4.21.0.0.  The release of this version is expected in June 2026.\n* CODESYS Control for BeagleBone SL\n* CODESYS Control for emPC-A/iMX6 SL\n* CODESYS Control for IOT2000 SL\n* CODESYS Control for Linux ARM SL\n* CODESYS Control for Linux SL\n* CODESYS Control for PFC100 SL\n* CODESYS Control for PFC200 SL\n* CODESYS Control for PLCnext SL\n* CODESYS Control for Raspberry Pi SL\n* CODESYS Control for WAGO Touch Panels 600 SL\n* CODESYS Virtual Control SL\n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded\nand installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as\nwell as for all other products, you will find further information on obtaining the software update in the CODESYS\nUpdate area https://www.codesys.com/download/.",
          "group_ids": [
            "CSAFGID-1002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002",
            "CSAFPID-51003",
            "CSAFPID-51004",
            "CSAFPID-51005",
            "CSAFPID-51006",
            "CSAFPID-51007",
            "CSAFPID-51008",
            "CSAFPID-51009",
            "CSAFPID-51010",
            "CSAFPID-51011",
            "CSAFPID-51012",
            "CSAFPID-51013",
            "CSAFPID-51014",
            "CSAFPID-51015",
            "CSAFPID-51016"
          ]
        }
      ],
      "title": "Incorrect Authorization in CODESYS Control"
    }
  ]
}

FKIE_CVE-2026-8046

Vulnerability from fkie_nvd - Published: 2026-05-26 08:16 - Updated: 2026-05-26 20:00

Severity

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

References

	URL	Tags
	info@cert.vde.com	https://www.certvde.com/en/advisories/VDE-2026-056/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
    }
  ],
  "id": "CVE-2026-8046",
  "lastModified": "2026-05-26T20:00:24.897",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "info@cert.vde.com",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "info@cert.vde.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-26T08:16:22.267",
  "references": [
    {
      "source": "info@cert.vde.com",
      "url": "https://www.certvde.com/en/advisories/VDE-2026-056/"
    }
  ],
  "sourceIdentifier": "info@cert.vde.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "info@cert.vde.com",
      "type": "Primary"
    }
  ]
}

GHSA-H6MV-MGPJ-6795

Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30

Details

Severity

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.2 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-8046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-26T08:16:22Z",
    "severity": "HIGH"
  },
  "details": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.",
  "id": "GHSA-h6mv-mgpj-6795",
  "modified": "2026-05-26T13:30:55Z",
  "published": "2026-05-26T13:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8046"
    },
    {
      "type": "WEB",
      "url": "https://www.certvde.com/en/advisories/VDE-2026-056"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-8046 (GCVE-0-2026-8046)

ADVISORY2026-08_VDE-2026-056

FKIE_CVE-2026-8046

GHSA-H6MV-MGPJ-6795

Tags

Sightings

Nomenclature