CVE-2026-1874

CVE-2026-1874 concerns a denial-of-service vulnerability in Mitsubishi Electric MELSEC iQ-F Series Ethernet modules. The affected components are FX5-ENET/IP (versions 1.106 and earlier) and FX5-EIP Ethernet module (all versions). The issue is described as an Always-Incorrect Control Flow Implemen...

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet Module (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on October 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-287-01 Rockwell Automation 1715 EtherNet/IP Comms Module CISA encourages users and...

EUVD-2023-33586

Malicious code in bioql PyPI...

EUVD-2023-33589

Malicious code in bioql PyPI...

EUVD-2023-33587

Malicious code in bioql PyPI...

CVE-2023-2060

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or passwo...

CVE-2023-2061

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via F...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Unrestricted Upload of File with Dangerous Type (CVE-2023-2063)

Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tamperin...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Weak Password Requirements (CVE-2023-2060)

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or passwo...

CVE-2023-2060

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or passwo...

Default credentials

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or passwo...

PT-2023-3766 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The issue is related to an unrestricted upload of files with...

CVE-2020-5658

The CVE-2020-5658 entry concerns a Resource Management Errors vulnerability in the TCP/IP functionality of MELSEC iQ-R series firmware. Affected modules and serial-number guards: EtherNet/IP Network Interface Module RJ71EIP91 (first two digits of serial ≤ 02), PROFINET IO Controller RJ71PN92 (≤ 0...