Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.7
Mitsubishi Electric MELSEC Modules: Remote DoS Attack Possible
CVE-2026-1874
Summary
Mitsubishi Electric's MELSEC iQ-F Series Ethernet modules are vulnerable to a remote attack that can cause the device to freeze and require a system reset. This can happen if an attacker sends a large number of UDP packets to the device. To protect your device, ensure you have the most up-to-date software version, and consider implementing a firewall to block unauthorized incoming traffic.
Original title
Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Elec...
Original description
Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.
nvd CVSS4.0
8.7
Vulnerability type
CWE-670
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026