CVE-2025-2399
Out-of-Bounds Read in Mitsubishi Electric CNC Causes DoS
Publication date: 2026-03-10
Last updated on: 2026-03-24
Assigner: Mitsubishi Electric Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mitsubishi | electric_cnc_m800v_series | to bnd-2051w000-** (exc) |
| mitsubishi | electric_cnc_m800v_series | to bnd-2052w000-** (exc) |
| mitsubishi | electric_cnc_m80v_series | to bnd-2053w000-** (exc) |
| mitsubishi | electric_cnc_m80v_series | to bnd-2054w000-** (exc) |
| mitsubishi | electric_cnc_m800_series | to bnd-2005w000-** (exc) |
| mitsubishi | electric_cnc_m800_series | to bnd-2006w000-** (exc) |
| mitsubishi | electric_cnc_m80_series | to bnd-2007w000-** (exc) |
| mitsubishi | electric_cnc_m80_series | to bnd-2008w000-** (exc) |
| mitsubishi | electric_cnc_e80_series | to bnd-2009w000-** (exc) |
| mitsubishi | electric_cnc_c80_series | to bnd-2036w000-** (exc) |
| mitsubishi | electric_cnc_m700v_series | to bnd-1015w002-** (exc) |
| mitsubishi | electric_cnc_m700v_series | to bnd-1015w000-** (exc) |
| mitsubishi | electric_cnc_m700v_series | to bnd-1012w002-** (exc) |
| mitsubishi | electric_cnc_m700v_series | to bnd-1012w000-** (exc) |
| mitsubishi | electric_cnc_m70v_series | to bnd-1018w000-** (exc) |
| mitsubishi | electric_cnc_e70_series | to bnd-1022w000-** (exc) |
| mitsubishi | electric_software_tools | to bnd-1802w000-** (exc) |
| mitsubishi | electric_software_tools | to bnd-1803w000-** (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1285 | The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-2399 is a denial of service (DoS) vulnerability affecting Mitsubishi Electric Numerical Control Systems (CNC). It is caused by improper validation of specified index, position, or offset in input, which leads to an out-of-bounds memory read.
A remote attacker can exploit this vulnerability by sending specially crafted packets to TCP port 683, causing the affected systems to enter an emergency shutdown state that requires a system reset to recover.
The affected products include multiple series and models of Mitsubishi Electric CNC devices and related software tools.
How can this vulnerability impact me? :
This vulnerability can cause affected Mitsubishi Electric CNC systems to abruptly stop functioning by triggering an out-of-bounds memory read, resulting in a denial-of-service condition.
The impact is a high availability disruption, as the systems enter an emergency shutdown state and require a manual system reset to resume normal operation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by verifying if your Mitsubishi Electric CNC system or software tools are running affected versions. Users should check the βSystem Numberβ on the Software Configuration screen for hardware series or the Version Information screen for software tools to identify if the system is vulnerable.
Since the vulnerability is exploited by sending specially crafted packets to TCP port 683, network detection can involve monitoring or capturing traffic on this port for unusual or malformed packets.
Suggested commands to help detect potential exploitation attempts or presence of the vulnerability include:
- Using network monitoring tools like tcpdump or Wireshark to capture and analyze traffic on TCP port 683, for example: tcpdump -i <interface> tcp port 683
- Using netstat or ss to check if the affected device is listening on TCP port 683, for example: netstat -an | grep 683
- Checking system or software version information on the device to confirm if it matches affected versions.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying available patches or updates provided by Mitsubishi Electric representatives for affected products.
For products without available fixed versions, the following mitigations are recommended:
- Use firewalls, VPNs, or IP filtering to block unauthorized access to TCP port 683, especially from untrusted networks.
- Restrict physical access to affected devices and connected network equipment to prevent unauthorized manipulation.
- Install antivirus software on connected computers to help detect and prevent malicious activity.
For detailed instructions, users should refer to the respective seriesβ instruction manuals or contact their local Mitsubishi Electric representative.