CISA has published an advisory on a improper restriction of operations within the bounds of a memory buffer, session fixation, NULL pointer dereference, improper access control, argument injection, and resource management errors vulnerability in Mitsubishi Electric MELSEC iQ-R. Numerous versions of the products in these series are affected. Successful exploitation of these vulnerabilities by malicious attackers may result in network functions entering a denial-of-service condition or allow malware execution. Mitsubishi Electric recommends users take a series of mitigation measures to minimize the risk of exploiting this vulnerability. CISA has also provided a series of measures to help mitigate the vulnerability. Read the advisory at WaterISAC.
You are here
Related Resources
May 29, 2025 in Cybersecurity, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness