CVE-2026-1875

HIGH

MELSEC iQ-F FX5-EIP - DoS

Title source: llm

Description

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

References (3)

[Various Sources] https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf

[Various Sources] https://jvn.jp/vu/JVNVU93286687/

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-26-62-01

Scores

CVSS v4 8.7

EPSS 0.0014

EPSS Percentile 34.0%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-404

Status published

Products (2)

Mitsubishi Electric Corporation/MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP All versions

Mitsubishi Electric Corporation/MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior

Published Mar 03, 2026

Tracked Since Mar 03, 2026