CVSS: 9.4EPSS: 0%CPEs: 72EXPL: 0CVE-2025-3755 – Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module
https://notcve.org/view.php?id=CVE-2025-3755
29 May 2025 — Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery. • https://jvn.jp/vu/JVNVU94070048 • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 5.3EPSS: 0%CPEs: 163EXPL: 0CVE-2023-7033
https://notcve.org/view.php?id=CVE-2023-7033
27 Feb 2024 — Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN Flood attack. Vulnerabilidad de grupo de recursos insuficiente en la función Ethernet de los módulos de CPU de la serie MELSEC iQ-F de Mitsubishi Electric Corporation permite que un atacante remoto cause una condición... • https://jvn.jp/vu/JVNVU96145466/index.html • CWE-410: Insufficient Resource Pool •