CVE-2026-1876
Received Received - Intake
Improper Resource Shutdown in Mitsubishi FX5-ENET/IP Causes DoS

Publication date: 2026-03-03

Last updated on: 2026-04-30

Assigner: Mitsubishi Electric Corporation

Description
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-04-30
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1876
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mitsubishielectric melsec_iq-f_fx5-enet/ip_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Resource Shutdown or Release issue found in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP in all versions. It allows a remote attacker to cause a denial-of-service (DoS) condition by continuously sending UDP packets to the affected products.

The attack forces the product into a state where it stops functioning properly and requires a system reset to recover.

Impact Analysis

The impact of this vulnerability is a denial-of-service (DoS) condition on the affected Mitsubishi Electric Ethernet modules. This means that an attacker can remotely disrupt the normal operation of the device, causing it to stop functioning until it is manually reset.

Such disruption can lead to downtime in systems relying on these modules, potentially affecting industrial or automation processes that depend on continuous network communication.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, avoid allowing continuous UDP packets to be sent to the Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module, as this can cause a denial-of-service condition.

If the product becomes unresponsive due to this attack, a system reset of the product is required for recovery.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1876. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart