Description
Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.
Scores
CVSS v4
8.7
EPSS
0.0020
EPSS Percentile
41.9%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-670
Status
published
Products (3)
Mitsubishi Electric Corporation/MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP
All versions
Mitsubishi Electric Corporation/MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP
versions 1.000 and prior
Mitsubishi Electric Corporation/MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP
versions 1.106 and prior
Published
Mar 03, 2026
Tracked Since
Mar 03, 2026