Mitsubishi Electric MELSEC iQ-F Series
Summary
Mitsubishi Electric's MELSEC iQ-F Series, specifically the FX5-EIP EtherNet/IP Module, is affected by a denial-of-service vulnerability (CVE-2026-8805). Successful exploitation can occur remotely by establishing numerous TCP connections, leading to memory access issues and service disruption.
IFF Assessment
This vulnerability allows for a denial-of-service condition, directly impacting the availability of critical infrastructure, which is detrimental to defenders.
Severity
The CVSS score of 7.5 indicates a High severity vulnerability. It is remotely exploitable (Attack Vector: Network), requires no privileges or user interaction (Exploitability: Low), and results in a complete loss of availability (Impact: High).
Defender Context
This vulnerability in a critical manufacturing component highlights the ongoing risks to operational technology (OT) environments. Defenders must monitor for anomalous TCP connection attempts to such devices and ensure timely patching or implementation of compensating controls to prevent denial-of-service attacks.