CISA has published an advisory on an uncontrolled resource consumption vulnerability in Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series CPU Modules. Numerous versions of these products are affected. Successful exploitation of this vulnerability may prevent the FTP client from connecting to the FTP server on MELSEC-Q Series and MELSEC-L Series CPU module. Only FTP server function is affected by this vulnerability. Mitsubishi Electric has produced a new version of the firmware. It also strongly recommends that users operate the affected device behind a firewall. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
You are here
Related Resources
May 29, 2025 in Cybersecurity, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness