Vulnerability Details CVE-2026-44469
The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.4%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-44469
-
cpe:2.3:a:codesys:development_system:3.0
-
cpe:2.3:a:codesys:development_system:3.5.10.0
-
cpe:2.3:a:codesys:development_system:3.5.10.10
-
cpe:2.3:a:codesys:development_system:3.5.10.20
-
cpe:2.3:a:codesys:development_system:3.5.10.30
-
cpe:2.3:a:codesys:development_system:3.5.10.40
-
cpe:2.3:a:codesys:development_system:3.5.10.50
-
cpe:2.3:a:codesys:development_system:3.5.10.60
-
cpe:2.3:a:codesys:development_system:3.5.10.70
-
cpe:2.3:a:codesys:development_system:3.5.11.0
-
cpe:2.3:a:codesys:development_system:3.5.11.10
-
cpe:2.3:a:codesys:development_system:3.5.11.20
-
cpe:2.3:a:codesys:development_system:3.5.11.30
-
cpe:2.3:a:codesys:development_system:3.5.11.40
-
cpe:2.3:a:codesys:development_system:3.5.11.50
-
cpe:2.3:a:codesys:development_system:3.5.11.60
-
cpe:2.3:a:codesys:development_system:3.5.12.0
-
cpe:2.3:a:codesys:development_system:3.5.12.10
-
cpe:2.3:a:codesys:development_system:3.5.12.20
-
cpe:2.3:a:codesys:development_system:3.5.12.30
-
cpe:2.3:a:codesys:development_system:3.5.12.40
-
cpe:2.3:a:codesys:development_system:3.5.12.50
-
cpe:2.3:a:codesys:development_system:3.5.12.60
-
cpe:2.3:a:codesys:development_system:3.5.12.70
-
cpe:2.3:a:codesys:development_system:3.5.13.0
-
cpe:2.3:a:codesys:development_system:3.5.13.10
-
cpe:2.3:a:codesys:development_system:3.5.13.20
-
cpe:2.3:a:codesys:development_system:3.5.13.30
-
cpe:2.3:a:codesys:development_system:3.5.13.40
-
cpe:2.3:a:codesys:development_system:3.5.14.0
-
cpe:2.3:a:codesys:development_system:3.5.14.10
-
cpe:2.3:a:codesys:development_system:3.5.14.20
-
cpe:2.3:a:codesys:development_system:3.5.14.30
-
cpe:2.3:a:codesys:development_system:3.5.14.40
-
cpe:2.3:a:codesys:development_system:3.5.15.0
-
cpe:2.3:a:codesys:development_system:3.5.15.10
-
cpe:2.3:a:codesys:development_system:3.5.15.20
-
cpe:2.3:a:codesys:development_system:3.5.15.30
-
cpe:2.3:a:codesys:development_system:3.5.15.40
-
cpe:2.3:a:codesys:development_system:3.5.15.50
-
cpe:2.3:a:codesys:development_system:3.5.16.0
-
cpe:2.3:a:codesys:development_system:3.5.16.10
-
cpe:2.3:a:codesys:development_system:3.5.16.20
-
cpe:2.3:a:codesys:development_system:3.5.16.30
-
cpe:2.3:a:codesys:development_system:3.5.16.40
-
cpe:2.3:a:codesys:development_system:3.5.16.50
-
cpe:2.3:a:codesys:development_system:3.5.16.60
-
cpe:2.3:a:codesys:development_system:3.5.16.70
-
cpe:2.3:a:codesys:development_system:3.5.16.90
-
cpe:2.3:a:codesys:development_system:3.5.17.0
-
cpe:2.3:a:codesys:development_system:3.5.17.10
-
cpe:2.3:a:codesys:development_system:3.5.17.20
-
cpe:2.3:a:codesys:development_system:3.5.17.30
-
cpe:2.3:a:codesys:development_system:3.5.17.40
-
cpe:2.3:a:codesys:development_system:3.5.17.60
-
cpe:2.3:a:codesys:development_system:3.5.18.0
-
cpe:2.3:a:codesys:development_system:3.5.18.20
-
cpe:2.3:a:codesys:development_system:3.5.18.30
-
cpe:2.3:a:codesys:development_system:3.5.18.40
-
cpe:2.3:a:codesys:development_system:3.5.18.50
-
cpe:2.3:a:codesys:development_system:3.5.19.0
-
cpe:2.3:a:codesys:development_system:3.5.19.10
-
cpe:2.3:a:codesys:development_system:3.5.19.20
-
cpe:2.3:a:codesys:development_system:3.5.19.30
-
cpe:2.3:a:codesys:development_system:3.5.19.40
-
cpe:2.3:a:codesys:development_system:3.5.19.50
-
cpe:2.3:a:codesys:development_system:3.5.19.60
-
cpe:2.3:a:codesys:development_system:3.5.19.70
-
cpe:2.3:a:codesys:development_system:3.5.20.0
-
cpe:2.3:a:codesys:development_system:3.5.20.10
-
cpe:2.3:a:codesys:development_system:3.5.20.20
-
cpe:2.3:a:codesys:development_system:3.5.20.30
-
cpe:2.3:a:codesys:development_system:3.5.20.40
-
cpe:2.3:a:codesys:development_system:3.5.20.50
-
cpe:2.3:a:codesys:development_system:3.5.20.60
-
cpe:2.3:a:codesys:development_system:3.5.20.70
-
cpe:2.3:a:codesys:development_system:3.5.21.0
-
cpe:2.3:a:codesys:development_system:3.5.21.10
-
cpe:2.3:a:codesys:development_system:3.5.21.20
-
cpe:2.3:a:codesys:development_system:3.5.21.30
-
cpe:2.3:a:codesys:development_system:3.5.21.40
-
cpe:2.3:a:codesys:development_system:3.5.21.50
-
cpe:2.3:a:codesys:development_system:3.5.21.60
-
cpe:2.3:a:codesys:development_system:3.5.22.0
-
cpe:2.3:a:codesys:development_system:3.5.22.10
-
cpe:2.3:a:codesys:development_system:3.5.9.0
-
cpe:2.3:a:codesys:development_system:3.5.9.40
-
cpe:2.3:a:codesys:development_system:3.5.9.50
-
cpe:2.3:a:codesys:development_system:3.5.9.60
-
cpe:2.3:a:codesys:development_system:3.5.9.70
-
cpe:2.3:a:codesys:development_system:3.5.9.80