CVE-2025-2399

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

EUVD-2025-208464

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

EUVD-2025-208463

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

CVE-2025-2399

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

CVE-2025-2399 Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

CVE-2025-2399

CVE-2025-2399 describes an improper validation of specified index, position, or offset in input on Mitsubishi Electric CNC products, including M800V/M800VW/M800VS, M80V/M80VW, M800/M800W/M800S, M80/M80W, E80, C80, M700V family (M750VW, M720VW, 730VW, M720VS, 730VS, M750VS), M70V family (M70V), E7...

CVE-2025-2399 Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

Mitsubishi Electric CNC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition in the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the exploitation...

PT-2026-24177

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720V...

Mitsubishi Electric多款产品 安全漏洞

Mitsubishi Electric CNC Series is a series of numerical control control systems developed by Mitsubishi Electric, a Japanese company. Several products from Mitsubishi Electric have security vulnerabilities. These vulnerabilities stem from improper validation of specified indices, positions, or...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor...

CVE-2021-47705

The vulnerability CVE-2021-47705 affects COMMAX UMS Client ActiveX Control 1.7.0.2. The root cause is a heap-based buffer overflow in CNC_Ctrl.dll, resulting from improper boundary validation. An attacker can supply excessively long string arrays through multiple functions to trigger heap corrupt...

CVE-2021-47705 CNC_Ctrl DllUnregisterServer Access Violation

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

PT-2025-50235

Name of the Vulnerable Software and Affected Versions COMMAX UMS Client ActiveX Control version 1.7.0.2 Description The COMMAX UMS Client ActiveX Control contains a heap-based buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple...

EUVD-2020-5027

Malware in sbrugna...

EUVD-2023-44014

Malicious code in bioql PyPI...

EUVD-2022-44836

Malicious code in bioql PyPI...

EUVD-2024-48257

Malicious code in bioql PyPI...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on July 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-205-01 Mitsubishi Electric CNC Series ICSA-25-205-02 Network Thermostat X-Series WiFi...

Delta Electronics CNCSoft out-of-bounds write vulnerability (CNVD-2025-22961)

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics China. An out-of-bounds write vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to execute arbitrary code on the system...