Skip to main content

Mitsubishi Electric Melsec Iq F Series Fx5 Eip Ethernet Ip Module Fx5 Eip

1 CVEs product

Monthly

CVE-2026-8805 HIGH CISA Act Now

Denial-of-service in Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module (versions 1.000 and prior) allows a remote unauthenticated attacker to crash the device by rapidly opening many TCP connections, which trips an integer overflow in the EtherNet/IP connection-management logic and triggers improper memory access. No public exploit identified at time of analysis, but the CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) and high availability impact make this a meaningful operational-technology (OT) concern for plants relying on the affected PLC module. Reported by the vendor and tracked in vendor PSIRT advisory 2026-002, JVN VU#97140216, and CISA ICS advisory ICSA-26-169-05.

Buffer Overflow Integer Overflow Mitsubishi Electric Melsec Iq F Series Fx5 Eip Ethernet Ip Module Fx5 Eip
NVD
CVSS 4.0
8.7
EPSS
0.4%
EPSS 0% CVSS 8.7
HIGH Act Now

Denial-of-service in Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module (versions 1.000 and prior) allows a remote unauthenticated attacker to crash the device by rapidly opening many TCP connections, which trips an integer overflow in the EtherNet/IP connection-management logic and triggers improper memory access. No public exploit identified at time of analysis, but the CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) and high availability impact make this a meaningful operational-technology (OT) concern for plants relying on the affected PLC module. Reported by the vendor and tracked in vendor PSIRT advisory 2026-002, JVN VU#97140216, and CISA ICS advisory ICSA-26-169-05.

Buffer Overflow Integer Overflow Mitsubishi Electric Melsec Iq F Series Fx5 Eip Ethernet Ip Module Fx5 Eip
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy