CVE-2026-38719

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...

CVE-2026-35225

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

EUVD-2026-25222

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

CVE-2026-35225

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

CVE-2026-35225 Improper timeout handling in CODESYS EtherNetIP

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

PT-2026-34663

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

EUVD-2020-31212

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

CVE-2020-37216 Hirschmann HiOS EtherNet/IP Stack Denial of Service

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

PT-2026-30209

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

Belden Hirschmann HiOS 输入验证错误漏洞

Belden Hirschmann HiOS is an industrial Ethernet switch operating system developed by the American company Belden. Versions of Belden Hirschmann HiOS prior to 08.1.00 and 07.1.01 contained a vulnerability related to input validation errors. This vulnerability stemmed from improper handling of the...

CVE-2026-1875

The CVE-2026-1875 entry concerns Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP Module (FX5-EIP). The vulnerability is an Improper Resource Shutdown or Release in the EtherNet/IP interface across all FX5‑EIP versions, enabling a remote attacker to cause denial of service by continuous...

EUVD-2026-9281

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service DoS condition on the products by continuously sending UDP packets to the products. A syst...

CVE-2026-1874 Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module and Ethernet module

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2026-1874

CVE-2026-1874 concerns a denial-of-service vulnerability in Mitsubishi Electric MELSEC iQ-F Series Ethernet modules. The affected components are FX5-ENET/IP (versions 1.106 and earlier) and FX5-EIP Ethernet module (all versions). The issue is described as an Always-Incorrect Control Flow Implemen...

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet Module (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

PT-2026-22723

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP affected versions not specified Description An improper resource shutdown or release issue exists in the Mitsubishi Electric Corporation MELSEC iQ-F Series...

Rockwell Automation ArmorStart LT Denial of Service Vulnerability (CNVD-2026-10852)

Rockwell Automation ArmorStart LT is a distributed motor controller from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation ArmorStart LT, which originates from an unexpected reboot of the device during execution of the Achilles EtherNet/IP Step Limits Storms...