Codesys · Codesys Development System · CVE-2026-44469
**Name of the Vulnerable Software and Affected Versions**
CODESYS Development System (affected versions not specified)
**Description**
During an administrative installation, the software extracts installation files to a temporary directory with incorrect default permissions. A low-privileged local attacker can exploit the resulting TOCTOU (time-of-check to time-of-use) race condition, in which a condition is checked and the result is used later although the condition can change between the check and the use, to replace verified files with malicious ones before the installation completes. This leads to local privilege escalation.
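The following is an added illustration of the weakness class and its hardened counterpart, not CODESYS code and not taken from the advisory: it flags a staging directory that other users can write to, and verifies and uses the same bytes from a single open so that a later change on disk cannot affect what is used. POSIX mode bits stand in for Windows ACLs here, and the function names, file name and payload are constructed for the example.

```python
import hashlib, os, shutil, stat, tempfile

def writable_by_others(path):
    """True if group or other users can create or replace entries in path."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))

def read_verified(path, expected_sha256):
    """Open once, hash the bytes read, and return those same bytes.

    The caller consumes the returned bytes and never re-opens the path,
    so a later change to the file on disk cannot alter what is used.
    """
    flags = os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0)  # refuse a symlink
    with os.fdopen(os.open(path, flags), "rb") as f:
        data = f.read()
    if hashlib.sha256(data).hexdigest() != expected_sha256:
        raise ValueError("digest mismatch for " + path)
    return data

def demo():
    payload = b"constructed sample installer payload"
    digest = hashlib.sha256(payload).hexdigest()

    weak = tempfile.mkdtemp(prefix="weak-")
    os.chmod(weak, 0o777)                        # weak: any user may replace entries
    strong = tempfile.mkdtemp(prefix="stage-")   # mkdtemp creates it owner-only (0o700)
    result = {"weak_flagged": writable_by_others(weak),
              "strong_flagged": writable_by_others(strong)}

    target = os.path.join(strong, "setup.bin")
    with open(target, "wb") as f:
        f.write(payload)
    verified = read_verified(target, digest)

    # Change the file after verification to model the race window.
    with open(target, "wb") as f:
        f.write(b"constructed replacement")
    result["used_bytes_intact"] = verified == payload
    try:
        read_verified(target, digest)
        result["change_detected"] = False
    except ValueError:
        result["change_detected"] = True

    shutil.rmtree(weak)
    shutil.rmtree(strong)
    return result

if __name__ == "__main__":
    print(demo())
```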
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.