fkie_nvd - fkie_cve-2025-3755

fkie_cve-2025-3755

Vulnerability from fkie_nvd

Published

2025-05-29 05:15

Modified

2025-05-29 14:29

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery.

References

▶	URL	Tags
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://jvn.jp/vu/JVNVU94070048/
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de validaci\u00f3n incorrecta del \u00edndice, la posici\u00f3n o el desplazamiento especificados en la entrada en los m\u00f3dulos de CPU MELSEC iQ-F de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado lea informaci\u00f3n del producto, provoque una denegaci\u00f3n de servicio (DoS) en la conexi\u00f3n MELSOFT o detenga el funcionamiento del m\u00f3dulo de CPU (lo que provoca una DoS) mediante el env\u00edo de paquetes especialmente manipulados. Es necesario reiniciar el producto para su recuperaci\u00f3n."
    }
  ],
  "id": "CVE-2025-3755",
  "lastModified": "2025-05-29T14:29:50.247",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-29T05:15:20.930",
  "references": [
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://jvn.jp/vu/JVNVU94070048/"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf"
    }
  ],
  "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1285"
        }
      ],
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "type": "Primary"
    }
  ]
}

CVE-2025-3755 (GCVE-0-2025-3755)

Vulnerability from cvelistv5

Published

2025-05-29 04:47

Modified

2025-05-29 13:17

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

Summary

References

►

URL

Tags

	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf	vendor-advisory
	https://jvn.jp/vu/JVNVU94070048/	government-resource

Impacted products

Vendor

Product

Version

►

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/ES

Version: All versions

Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-64MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-64MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-96MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-96MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DSS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MR/DS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MR/DS	Version: All versions

Show details on NVD website