Denial of Service vulnerability in MELSEC iQ-F Series FX5-ENET

CVE-2024-8403

7.5HIGH

Key Information

Vendor: Mitsubishi Electric Corporation
Status: Melsec Iq-f Series Fx5-enet; Melsec Iq-f Series Fx5-enet/ip
Vendor: CVE Published:; 19 November 2024

Summary

Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.

Affected Version(s)

MELSEC iQ-F Series FX5-ENET = 1.100 and later

MELSEC iQ-F Series FX5-ENET/IP = 1.100 to 1.104

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Nov 19, 2024
Vulnerability Reserved.
Sep 4, 2024

Collectors

NVD DatabaseMitre Database