CVE-2026-1874

MELSEC iQ-F FX5-ENET/IP <=1.106 - DoS

Title source: llm

Description

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

References (3)

[Various Sources] https://jvn.jp/vu/JVNVU93286687/

[Various Sources] https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-26-62-01

Scores

EPSS 0.0018

EPSS Percentile 39.8%

Classification

CWE

CWE-670

Status draft

Timeline

Published Mar 03, 2026

Tracked Since Mar 03, 2026