Vulnerability Description
Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product and stop the operations of programs by using the obtained credential information.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://jvn.jp/vu/JVNVU90041458/
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-240-02
- https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-012_en.pdf
FAQ
What is CVE-2025-7731?
CVE-2025-7731 is a vulnerability with a CVSS score of 7.5 (HIGH). Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to obtain credential information...
How severe is CVE-2025-7731?
CVE-2025-7731 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-7731?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.