mitsubishi melsec

About this tag
The mitsubishi melsec tag covers discussions about Mitsubishi Electric's MELSEC programmable logic controller (PLC) series, including security vulnerabilities and mitigations. Recent content focuses on CVE-2025-10259, a remotely exploitable denial-of-service (DoS) flaw affecting MELSEC iQ-F Series CPU modules. This vulnerability allows specially crafted TCP packets to disconnect or crash communication sessions, potentially disrupting industrial control operations. The tag is relevant for industrial control system (ICS) security professionals, PLC programmers, and IT administrators managing MELSEC-based automation environments. Topics include vulnerability disclosures, patch management, and operational impact mitigation for MELSEC iQ-F and related series.
  1. CVE-2025-10259 DoS in MELSEC iQ-F PLCs: Impact and Mitigation

    Mitsubishi Electric has disclosed a remotely exploitable denial‑of‑service (DoS) vulnerability affecting a broad set of MELSEC iQ‑F Series CPU modules (tracked as CVE‑2025‑10259), and security advisories from the vendor, national CERTs and vulnerability databases confirm the flaw allows...