HIGHCVE-2026-1876Published 2026-03-03Modified 2026-03-04CNA Mitsubishi

CVE-2026-1876: Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series Ethernet module

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Mitsubishi Electric Corporation / MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP
All versions

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

References

mitsubishielectric.com
jvn.jp
cisa.gov

Metrics