CVE-2024-8403 HIGH

CVE-2024-8403: Denial-of-Service Vulnerability in Ethernet port on MELSEC iQ-F Ethernet Module and EtherNet/IP Module

Vendor Mitsubishi Electric Corporation
Product MELSEC iQ-F Series FX5-ENET
Weakness CWE-1287
Published November 19, 2024
Last update March 31, 2026

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.

Key dates

02Disclosure timeline

November 19, 2024 CVE published
March 31, 2026 Record updated

Related vulnerabilities

04Related CVE