CVE-2026-2364

Publication date

2026-03-10 07:22:42

Family

CERTVDE

State

PUBLISHED

Description

If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer.