Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-1875

Summary
Assigner-Mitsubishi
Assigner Org ID-e0f77b61-78fd-4786-b3fb-1ee347a748ad
Published At-03 Mar, 2026 | 06:54
Updated At-03 Mar, 2026 | 14:34
Rejected At-
Credits

Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Mitsubishi
Assigner Org ID:e0f77b61-78fd-4786-b3fb-1ee347a748ad
Published At:03 Mar, 2026 | 06:54
Updated At:03 Mar, 2026 | 14:34
Rejected At:
â–¼CVE Numbering Authority (CNA)
Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

Affected Products
Vendor
Mitsubishi Electric CorporationMitsubishi Electric Corporation
Product
MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP
Default Status
unaffected
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
CWECWE-404CWE-404 Improper Resource Shutdown or Release
Type: CWE
CWE ID: CWE-404
Description: CWE-404 Improper Resource Shutdown or Release
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
N/ADenial-of-Service
CAPEC ID: N/A
Description: Denial-of-Service
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf
vendor-advisory
https://jvn.jp/vu/JVNVU93286687/
government-resource
Hyperlink: https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf
Resource:
vendor-advisory
Hyperlink: https://jvn.jp/vu/JVNVU93286687/
Resource:
government-resource
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Published At:03 Mar, 2026 | 07:16
Updated At:03 Mar, 2026 | 21:52

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-404PrimaryMitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CWE ID: CWE-404
Type: Primary
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jvn.jp/vu/JVNVU93286687/Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
N/A
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdfMitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
N/A
Hyperlink: https://jvn.jp/vu/JVNVU93286687/
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Resource: N/A
Hyperlink: https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2026-1876
Matching Score-10
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-10
Assigner-Mitsubishi Electric Corporation
CVSS Score-8.7||HIGH
EPSS-Not Assigned
Published-03 Mar, 2026 | 07:03
Updated-03 Mar, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series Ethernet module

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2026-1874
Matching Score-8
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-8
Assigner-Mitsubishi Electric Corporation
CVSS Score-8.7||HIGH
EPSS-Not Assigned
Published-03 Mar, 2026 | 06:46
Updated-03 Mar, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module and Ethernet module

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIPMELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2022-33324
Matching Score-6
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-6
Assigner-Mitsubishi Electric Corporation
CVSS Score-7.5||HIGH
EPSS-1.47% / 80.70%
||
7 Day CHG~0.00%
Published-23 Dec, 2022 | 02:24
Updated-05 Sep, 2024 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions "08" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions "05" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions "07" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-melsec_iq-l_l04_hcpu_firmwaremelsec_iq-l_l32_hcpumelsec_iq-r_r04_sfcpu_firmwaremelsec_iq-r_r08_cpu_firmwaremelsec_iq-r_r16_cpumelsec_iq-r_r08_sfcpu_firmwaremelsec_iq-r_r04_sfcpumelsec_iq-r_r08_sfcpumelsec_iq-r_r16_cpu_firmwaremelsec_iq-r_r32_cpumelsec_iq-r_r32_sfcpu_firmwaremelsec_iq-l_l32_hcpu_firmwaremelsec_iq-r_r32_sfcpumelipc_mi5122-vwmelsec_iq-l_l16_hcpu_firmwaremelsec_iq-r_r120_sfcpu_firmwaremelsec_iq-r_r02_cpumelipc_mi5122-vw_firmwaremelsec_iq-r_r01_cpu_firmwaremelsec_iq-r_r12_ccpu-vmelsec_iq-r_r12_ccpu-v_firmwaremelsec_iq-r_r120_sfcpumelsec_iq-r_r04_cpumelsec_iq-r_r00_cpumelsec_iq-r_r08_cpumelsec_iq-r_r04_cpu_firmwaremelsec_iq-r_r16_sfcpumelsec_iq-l_l08_hcpumelsec_iq-r_r00_cpu_firmwaremelsec_iq-r_r120_cpumelsec_iq-l_l08_hcpu_firmwaremelsec_iq-r_r16_sfcpu_firmwaremelsec_iq-r_r32_cpu_firmwaremelsec_iq-l_l16_hcpumelsec_iq-r_r01_cpumelsec_iq-l_l04_hcpumelsec_iq-r_r02_cpu_firmwaremelsec_iq-r_r120_cpu_firmwareMELSEC iQ-R Series R08PSFCPUMELSEC iQ-R Series R08ENCPUMELSEC iQ-R Series R16SFCPUMELSEC iQ-R Series R32CPUMELSEC iQ-L Series L32HCPUMELSEC iQ-R Series R16CPUMELSEC iQ-R Series R120PSFCPUMELSEC iQ-L Series L04HCPUMELSEC iQ-R Series R32ENCPUMELSEC iQ-R Series R120CPUMELSEC iQ-R Series R16PSFCPUMELSEC iQ-R Series R02CPUMELSEC iQ-R Series R16ENCPUMELSEC iQ-R Series R32PSFCPUMELSEC iQ-R Series R04ENCPUMELSEC iQ-R Series R04CPUMELSEC iQ-L Series L08HCPUMELSEC iQ-R Series R01CPUMELSEC iQ-R Series R120SFCPUMELIPC Series MI5122-VWMELSEC iQ-R Series R08SFCPUMELSEC iQ-R Series R08CPUMELSEC iQ-L Series L16HCPUMELSEC iQ-R Series R32SFCPUMELSEC iQ-R Series R120ENCPUMELSEC iQ-R Series R12CCPU-VMELSEC iQ-R Series R00CPU
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-55102
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-8.7||HIGH
EPSS-0.03% / 6.94%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 15:25
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-Eclipse Foundation AISBL
Product-Eclipse ThreadX - NetX Duo
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-4749
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.29% / 51.88%
||
7 Day CHG+0.06%
Published-16 May, 2025 | 05:00
Updated-03 Jun, 2025 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7003GV2 Factory Reset backup.asp sub_4983B0 denial of service

A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7003g_firmwaredi-7003gDI-7003GV2
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-4791
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.20% / 41.69%
||
7 Day CHG~0.00%
Published-12 May, 2024 | 01:00
Updated-08 Aug, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contemporary Control System BASrouter BACnet BASRT-B Application Protocol Data Unit denial of service

A vulnerability classified as critical was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This vulnerability affects unknown code of the component Application Protocol Data Unit. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263890 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Contemporary Control System
Product-BASrouter BACnet BASRT-B
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-24811
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.12% / 30.58%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0). Affected devices do not process correctly certain special crafted packets sent to port 80/tcp, which could allow an unauthenticated attacker to cause a denial of service in the device.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS S7-1200 CPU 1215 DC/DC/DCSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIPLUS S7-1200 CPU 1214 DC/DC/DCSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC S7-1200 CPU 1214FC DC/DC/DCSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1212 AC/DC/RLYSIPLUS S7-1200 CPU 1214FC DC/DC/DCSIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1200 CPU 1214C DC/DC/DCSIMATIC S7-1200 CPU 1212FC DC/DC/RlySIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC S7-1200 CPU 1215C DC/DC/DCSIMATIC S7-1200 CPU 1211C DC/DC/DCSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1200 CPU 1215C AC/DC/RlySIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIMATIC S7-1200 CPU 1215FC DC/DC/DC
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-0492
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.39% / 59.92%
||
7 Day CHG+0.01%
Published-15 Jan, 2025 | 22:00
Updated-24 Sep, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-823X FUN_00412244 null pointer dereference

A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-823xdir-823x_firmwareDIR-823X
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
Details not found