fkie_nvd - fkie_cve-2025-5241

fkie_cve-2025-5241

Vulnerability from fkie_nvd

Published

2025-07-11 01:15

Modified

2025-07-15 13:14

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unable to login until a certain period has passed after the lockout or until the product is reset.

References

▶	URL	Tags
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-04
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-005_en.pdf

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unable to login until a certain period has passed after the lockout or until the product is reset."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad del mecanismo de bloqueo de cuentas excesivamente restrictivo en la serie MELSEC iQ-F de Mitsubishi Electric Corporation permite a un atacante remoto no autenticado bloquear a usuarios leg\u00edtimos durante un periodo determinado al intentar iniciar sesi\u00f3n repetidamente con contrase\u00f1as incorrectas. Los usuarios leg\u00edtimos no podr\u00e1n iniciar sesi\u00f3n hasta que transcurra un periodo determinado tras el bloqueo o hasta que se restablezca el producto."
    }
  ],
  "id": "CVE-2025-5241",
  "lastModified": "2025-07-15T13:14:49.980",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-11T01:15:29.487",
  "references": [
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-04"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-005_en.pdf"
    }
  ],
  "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-645"
        }
      ],
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "type": "Primary"
    }
  ]
}

CVE-2025-5241 (GCVE-0-2025-5241)

Vulnerability from cvelistv5

Published

2025-07-11 00:16

Modified

2025-07-11 13:34

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-645 - Overly Restrictive Account Lockout Mechanism

Summary

References

►

URL

Tags

	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-005_en.pdf	vendor-advisory
	https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-04	government-resource

Impacted products

Vendor

Product

Version

►

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/ES

Version: All versions

Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-32MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-64MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5U-80MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-64MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-64MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-96MT/D	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-96MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MT/DSS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UC-32MR/DS-TS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-24MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-40MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MT/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5UJ-60MR/ES-A	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MT/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MT/ESS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-80MR/ES	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-30MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-40MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MT/DSS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5S-60MR/DS	Version: All versions
Mitsubishi Electric Corporation	MELSEC iQ-F Series FX5-CCLGN-MS	Version: All versions

Show details on NVD website