fkie_nvd - fkie_cve-2025-3511

fkie_cve-2025-3511

Vulnerability from fkie_nvd

Published

2025-04-25 06:15

Modified

2025-10-10 07:15

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, and CC-Link IE TSN Master/Local Station Communication LSI CP610 allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets. A system reset of the product is required for recovery.

References

	URL	Tags
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://jvn.jp/vu/JVNVU96620683/
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY,\u00a0MELSEC iQ-R Series CC-Link IE TSN Master/Local Module,\u00a0MELSEC iQ-R Series Ethernet Interface Module,\u00a0and CC-Link IE TSN Master/Local Station Communication LSI CP610\u00a0allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.\u00a0\n\nA system reset of the product is required for recovery."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de validaci\u00f3n incorrecta de la cantidad especificada en la entrada en Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module and CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY permite que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio en los productos mediante el env\u00edo de paquetes UDP especialmente manipulados."
    }
  ],
  "id": "CVE-2025-3511",
  "lastModified": "2025-10-10T07:15:43.660",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-25T06:15:45.753",
  "references": [
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://jvn.jp/vu/JVNVU96620683/"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf"
    }
  ],
  "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1284"
        }
      ],
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "type": "Secondary"
    }
  ]
}

CVE-2025-3511 (GCVE-0-2025-3511)

Vulnerability from cvelistv5

Published

2025-04-25 05:14

Modified

2025-10-23 17:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-1284 - Improper Validation of Specified Quantity in Input

Summary

References

URL

Tags

	https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf	vendor-advisory
	https://jvn.jp/vu/JVNVU96620683/	government-resource
	https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03	government-resource

Impacted products

Vendor

Product

Version

Mitsubishi Electric Corporation

CC-Link IE TSN Remote I/O module NZ2GN2S1-32D

Version: 09 and prior

Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-32T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-32TE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-32DT	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-32DTE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-32D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-32T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-32TE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-32DT	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-32DTE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GNCF1-32D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GNCF1-32T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GNCE3-32D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GNCE3-32DT	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A4-16D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A4-16DE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A2-16T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A2-16TE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A42-16DT	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN12A42-16DTE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-16D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-16T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2S1-16TE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-16D	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-16T	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote I/O module NZ2GN2B1-16TE	Version: 09 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Analog-Digital Converter module NZ2GN2S-60AD4	Version: 07 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Analog-Digital Converter module NZ2GN2B-60AD4	Version: 07 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Digital-Analog Converter module NZ2GN2S-60DA4	Version: 07 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Digital-Analog Converter module NZ2GN2B-60DA4	Version: 07 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN FPGA module NZ2GN2S-D41P01	Version: 01
Mitsubishi Electric Corporation	CC-Link IE TSN FPGA module NZ2GN2S-D41D01	Version: 01
Mitsubishi Electric Corporation	CC-Link IE TSN FPGA module NZ2GN2S-D41PD02	Version: 01
Mitsubishi Electric Corporation	CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-300	Version: 1.08J and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-60	Version: 1.08J and prior
Mitsubishi Electric Corporation	MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-T2	Version: 26 and prior
Mitsubishi Electric Corporation	MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-EIP	Version: 10 and prior
Mitsubishi Electric Corporation	MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-SX	Version: 05 and prior
Mitsubishi Electric Corporation	MELSEC iQ-R Series Ethernet Interface Module RJ71EN71	Version: 85 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2GACP610-60	Version: 05 and prior
Mitsubishi Electric Corporation	CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2KT-NPETNG51	Version: 05 and prior

Show details on NVD website