Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
Summary
A denial-of-service (DoS) vulnerability, CVE-2026-8806, has been identified in Mitsubishi Electric's MELSEC iQ-F Series FX5-ENET/IP Ethernet Module. Exploitation allows a remote attacker to overwhelm the module with communication packets, causing it to stop functioning.
IFF Assessment
This vulnerability allows for a denial-of-service attack, which disrupts the availability of the affected industrial control system module.
Severity
The CVSS score of 7.5 reflects a high severity due to the remote attack vector, the ability to cause a denial-of-service condition impacting availability, and the low complexity of exploiting the vulnerability.
Defender Context
This vulnerability impacts industrial control systems, specifically Mitsubishi Electric's MELSEC iQ-F Series Ethernet Module. Defenders should be aware of this DoS vulnerability and monitor for any potential exploitation attempts. Given that no fix is planned, mitigation strategies may involve network segmentation and strict access controls to prevent unauthorized communication packets from reaching the affected module.