Description
The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.
Published: 2026-05-26
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated, low‑privileged remote user can delete any user account on affected CODESYS Control installations, including accounts with higher privileges. This allows an attacker to remove legitimate users, which can disable critical functions, cause a denial of service for privileged operations, and expose the system to further compromise. The vulnerability is a missing authorization check during user deletion.

Affected Systems

All CODESYS Control products listed by the CNA are impacted, including CODESYS Control RTE (SL), CODESYS Control RTE for Beckhoff CX, CODESYS Control Win, CODESYS Control for BeagleBone, IOT2000, Linux ARM, Linux, PFC100, PFC200, PLCnext, Raspberry Pi, WAGO Touch Panels 600, emPC‑A/iMX6, CODESYS HMI, CODESYS Runtime Toolkit, and CODESYS Virtual Control SL. Specific affected firmware versions are not disclosed in the advisory.

Risk and Exploitability

The CVSS score of 7.2 indicates a high‑severity vulnerability. EPSS data is unavailable, and the weakness is not presently listed in CISA’s KEV catalog. Exploitation requires only a valid authenticated session with low‑privileged rights; the attacker can then issue delete commands for arbitrary accounts. Because the vulnerability operates in a remote context and bypasses authorization, the risk of accidental deletion or malicious removal of critical accounts is significant, warranting urgent attention.

Generated by OpenCVE AI on May 26, 2026 at 08:21 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s latest patch or update release for the affected CODESYS Control product to correct the authorization flaw.
  • If any privileged accounts have been removed, recreate them and verify that the new accounts have appropriate permissions restored.
  • Restrict the ability to delete user accounts to roles with the highest privileges; audit and enforce least‑privilege policies so that only administrators can perform user deletions.
  • Monitor system logs for unexpected account‑deletion events and configure alerts for anomalous activity.

Advisories

No advisories yet.

History

Tue, 26 May 2026 11:15:00 +0000

Type Values Removed Values Added
Metrics: ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 May 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared:
Codesys control For Beaglebone Sl
Codesys control For Empc-a/imx6 Sl
Codesys control For Iot2000 Sl
Codesys control For Linux Arm Sl
Codesys control For Linux Sl
Codesys control For Pfc100 Sl
Codesys control For Pfc200 Sl
Codesys control For Plcnext Sl
Codesys control For Raspberry Pi Sl
Codesys control For Wago Touch Panels 600 Sl
Codesys control Rte (sl)
Codesys control Rte (for Beckhoff Cx) Sl
Codesys control Win (sl)
Codesys hmi (sl)
Codesys runtime Toolkit
Codesys virtual Control Sl
Vendors & Products:
Codesys control For Beaglebone Sl
Codesys control For Empc-a/imx6 Sl
Codesys control For Iot2000 Sl
Codesys control For Linux Arm Sl
Codesys control For Linux Sl
Codesys control For Pfc100 Sl
Codesys control For Pfc200 Sl
Codesys control For Plcnext Sl
Codesys control For Raspberry Pi Sl
Codesys control For Wago Touch Panels 600 Sl
Codesys control Rte (sl)
Codesys control Rte (for Beckhoff Cx) Sl
Codesys control Win (sl)
Codesys hmi (sl)
Codesys runtime Toolkit
Codesys virtual Control Sl

Tue, 26 May 2026 07:45:00 +0000

Type Values Removed Values Added
Description: The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.
Title: Incorrect Authorization in CODESYS Control
First Time appeared:
Codesys
Codesys codesys Control For Beaglebone Sl
Codesys codesys Control For Empc A Imx6 Sl
Codesys codesys Control For Iot2000 Sl
Codesys codesys Control For Linux Arm Sl
Codesys codesys Control For Linux Sl
Codesys codesys Control For Pfc100 Sl
Codesys codesys Control For Pfc200 Sl
Codesys codesys Control For Plcnext Sl
Codesys codesys Control For Raspberry Pi Sl
Codesys codesys Control For Wago Touch Panels 600 Sl
Codesys codesys Control Rte For Beckhoff Cx Sl
Codesys codesys Control Rte Sl
Codesys codesys Control Win Sl
Codesys codesys Hmi Sl
Codesys codesys Runtime Toolkit
Codesys codesys Virtual Control Sl
Weaknesses: CWE-863
CPEs:
cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:codesys_virtual_control_sl_:*:*:*:*:*:*:*:*
Vendors & Products:
Codesys
Codesys codesys Control For Beaglebone Sl
Codesys codesys Control For Empc A Imx6 Sl
Codesys codesys Control For Iot2000 Sl
Codesys codesys Control For Linux Arm Sl
Codesys codesys Control For Linux Sl
Codesys codesys Control For Pfc100 Sl
Codesys codesys Control For Pfc200 Sl
Codesys codesys Control For Plcnext Sl
Codesys codesys Control For Raspberry Pi Sl
Codesys codesys Control For Wago Touch Panels 600 Sl
Codesys codesys Control Rte For Beckhoff Cx Sl
Codesys codesys Control Rte Sl
Codesys codesys Control Win Sl
Codesys codesys Hmi Sl
Codesys codesys Runtime Toolkit
Codesys codesys Virtual Control Sl
References
Metrics: cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H'}

cvssV4_0

{'score': 7.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-05-26T10:48:37.908Z

Reserved: 2026-05-06T17:10:12.759Z

Link: CVE-2026-8046

Vulnrichment

Updated: 2026-05-26T10:48:33.305Z

NVD

Status: Awaiting Analysis

Published: 2026-05-26T08:16:22.267

Modified: 2026-05-26T20:00:24.897

Link: CVE-2026-8046

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T09:00:11Z