Unrated severityNVD Advisory· Published Feb 5, 2019· Updated Jun 26, 2025

Mitsubishi Electric MELSEC-Q Series PLCs Resource Exhaustion

CVE-2019-6535

Description

Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Mitsubishielectric/Q03/04/06/13/26UDVCPUllm-create
Range: serial number 20081 and prior
Mitsubishielectric/Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPUllm-create
Range: serial number 20101 and prior
Mitsubishi Electric/Q03/04/06/13/26UDVCPUv5
Range: 0
Mitsubishi Electric/Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPUv5
Range: 0
Mitsubishi Electric/Q04/06/13/26UDPVCPUv5
Range: 0

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/106771mitrevdb-entryx_refsource_BID
www.cisa.gov/news-events/ics-advisories/icsa-19-029-02mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000