CVE-2025-10259

Medium CVSS: 5.3

Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect the connection by sending specially crafted TCP packets to cause a denial-of-service (DoS) condition on the products. There is no impact on connections other than the attacked one.

Vendor

Product

CWE

CWE-1284

Yayın Tarihi

2025-11-06 08:15:36

Güncelleme

2025-11-14 03:15:55

Source Identifier

Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

KEV Date Added

Kategoriler

CWE-1284 MEDIUM 2025

Referanslar

https://jvn.jp/vu/JVNVU92088475/ https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-01 https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-014_en.pdf