Medium severity5.3NVD Advisory· Published Nov 6, 2025· Updated Apr 15, 2026

CVE-2025-10259

Description

Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect the connection by sending specially crafted TCP packets to cause a denial-of-service (DoS) condition on the products. There is no impact on connections other than the attacked one.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/vu/JVNVU92088475/nvd
www.cisa.gov/news-events/ics-advisories/icsa-25-317-01nvd
www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-014_en.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000