← Voltar para CVEs
CVE-2025-15080
N/ADescricao
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial of service (DoS) condition on the affected product by sending a specially crafted packet containing a specific command to the affected product.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/5/2026
Ultima modificacao2/6/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-1284
Referencias
https://jvn.jp/vu/JVNVU95093080/(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-02(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-020_en.pdf(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.