Vulnerability Description
Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect the connection by sending specially crafted TCP packets to cause a denial-of-service (DoS) condition on the products. There is no impact on connections other than the attacked one.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://jvn.jp/vu/JVNVU92088475/
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-01
- https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-014_en.pdf
FAQ
What is CVE-2025-10259?
CVE-2025-10259 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect t...
How severe is CVE-2025-10259?
CVE-2025-10259 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-10259?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.