CVE-2026-44468
EUVD-2026-3179826.05.2026, 08:16
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| codesys | development_system | 𝑥 < 3.5.22.20 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration