BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·76d ago

Mitsubishi Electric CNC Series

p a href= https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-05.json strong View CSAF /strong /a /p h2 Summary /h2 p strong Successful exploitation of this vulnerability could allow a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition in the affected products. /strong /p p The following versions of Mitsubishi Electric CNC Series are affected: /p ul li M800VW (BND-2051W000) lt;=BB /li li M800VS (BND-2052W000) lt;=BB /li li M80V (BND-2053W000) lt;=BB /li li M80VW (BND-2054W000) lt;=BB /li li M800W (BND-2005W000) lt;=FM /li li M800S (BND-2006W000) lt;=FM /li li M80 (BND-2007W000) lt;=FM /li li M80W (BND-2008W000) lt;=FM /li li E80 (BND-2009W000) lt;=FM /li li C80 (BND-2036W000) vers:all/* /li li M750VW (BND-1015W002) vers:all/* /li li M730VW (BND-1015W000) vers:all/* /li li M720VW (BND-1015W000) vers:all/* /li li M750VS (BND-1012W002) vers:all/* /li li M730VS (BND-1012W000-**) vers:all/* /li li M720VS (BND-1012W000) vers:all/* /li li M70V (BND-1018W000) vers:all/* /li li E70 (BND-1022W000) vers:all/* /li li NC Trainer2 (BND-1802W000) vers:all/* /li li NC Trainer2 plus (BND-1803W000) vers:all/* /li /ul div class= csaf-table table class= tablesaw tablesaw-stack data-tablesaw-mode= stack data-tablesaw-minimap thead tr th role= columnheader data-tablesaw-priority= persist CVSS /th th role= columnheader Vendor /th th role= columnheader Equipment /th th role= columnheader Vulnerabilities /th /tr /thead tbody tr td v3 5.9 /td td Mitsubishi Electric /td td Mitsubishi Electric CNC Series /td td Improper Validation of Specified Index, Position, or Offset in Input /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Critical Manufacturing /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Japan /li /ul hr h2 Vulnerabilities /h2 div class= csaf-accordion p a class= csaf-accordion-toggle-all href= # Expand All + /a /p div class= csaf-accordion-item h3 a class= csaf-accordion-toggle href= # CVE-2025-2399 /a /h3 div class= csaf-accordion-content p Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) vulnerability in the affected products allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition in the affected products by sending specially crafted packets to TCP port 683. /p p a href= https://www.cve.org/CVERecord?id=CVE-2025-2399 View CVE Details /a /p hr h4 Affected Products /h4 h5 Mitsubishi Electric CNC Series /h5 div class= ics-vendor-version-status div class= ics-vendor strong Vendor: /strong br Mitsubishi Electric /div div class= ics-version strong Product Version: /strong br Mitsubishi Electric M800VW (BND-2051W000): lt;=BB, Mitsubishi Electric M800VS (BND-2052W000): lt;=BB, Mitsubishi Electric M80V (BND-2053W000): lt;=BB, Mitsubishi Electric M80VW (BND-2054W000): lt;=BB, Mitsubishi Electric M800W (BND-2005W000): l

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-05

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin