Mitsubishi Electric CNC Series
Summary
A remote attacker can exploit an Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC Series to cause an out-of-bounds read, leading to a denial-of-service condition. This affects various versions of the M800VW, M800VS, M80V, M80VW, M800W, M800S, M80, M80W, E80, C80, M750VW, M730VW, M720VW, M750VS, M730VS, M720VS, M70V, E70, NC Trainer2, and NC Trainer2 plus products.
IFF Assessment
The vulnerability allows for denial-of-service attacks, which can disrupt critical manufacturing operations.
Severity
Defender Context
This vulnerability in industrial control systems (ICS) could lead to operational disruptions in critical manufacturing sectors. Defenders should prioritize patching or implementing mitigations for affected Mitsubishi Electric CNC Series products to prevent denial-of-service attacks via specially crafted network packets.