Mitsubishi Electricβs MELSEC iQ-F Series faces a remote exploitation vulnerability allowing attackers to cause denial-of-service conditions via TCP communication. Proper mitigation, such as VPN use and physical access restrictions, is recommended to prevent attacks. #MitsubishiElectric #CVE-2025-10259
Keypoints
- A vulnerability in the MELSEC iQ-F Series allows remote DoS attacks through crafted TCP packets.
- The affected products include multiple versions of the FX5U, FX5S, FX5UC, and FX5UJ series modules.
- The CVE-2025-10259 vulnerability has a CVSS score of 5.3, indicating a low to moderate severity.
- Mitsubishi Electric recommends VPN encryption and restricted physical access to mitigate risks.
- No public exploits have been reported for this vulnerability to CISA at this time.
Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-01