VYPR

MELSEC iQ-F Series CPU module

by Mitsubishielectric

CVEs (11)

  • CVE-2023-4699CriNov 6, 2023
    risk 0.65cvss 10.0epss 0.01

    Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC…

  • CVE-2023-1424CriMay 24, 2023
    risk 0.65cvss 10.0epss 0.03

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or…

  • CVE-2020-5594CriJun 23, 2020
    risk 0.64cvss 9.8epss 0.01

    Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3 and/or GX Works2 via unspecified vectors.

  • CVE-2025-3755CriMay 29, 2025
    risk 0.59cvss 9.1epss 0.01

    Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in…

  • CVE-2021-20591HigJun 11, 2021
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a…

  • CVE-2020-5666HigNov 16, 2020
    risk 0.49cvss 7.5epss 0.08

    Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted…

  • CVE-2020-5665HigDec 14, 2020
    risk 0.48cvss 7.4epss 0.01

    Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.

  • CVE-2023-7033MedFeb 27, 2024
    risk 0.35cvss 5.3epss 0.01

    Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module,…

  • CVE-2023-4625MedNov 6, 2023
    risk 0.35cvss 5.3epss 0.01

    Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a…

  • CVE-2021-20598MedAug 6, 2021
    risk 0.35cvss 5.3epss 0.02

    Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login…

  • CVE-2025-10259MedNov 6, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect the connection by sending specially crafted TCP packets to cause a…