CVE-2025-5514 | THREATINT

Description

Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web server function, by sending a specially crafted HTTP request.

PUBLISHED Reserved 2025-06-03 | Published 2025-08-25 | Updated 2025-08-26 | Assigner Mitsubishi

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-130 Improper Handling of Length Parameter Inconsistency

Product status

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

1.060 and later

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

Default status

unaffected

All versions

affected

References

www.mitsubishielectric.com/...nerability/pdf/2025-010_en.pdf vendor-advisory

jvn.jp/vu/JVNVU90316328/ government-resource

www.cisa.gov/news-events/ics-advisories/icsa-25-233-01 government-resource

cve.org (CVE-2025-5514)

nvd.nist.gov (CVE-2025-5514)

Download JSON