CVE-2026-8805

HIGH EPSS 29.8%

Published Jun 19, 20261w ago · Modified Jun 22, 20261w ago

8.7 CVSS 4.0

High

Published Jun 19, 2026 1w ago

Last Modified Jun 22, 2026 1w ago

Description

Integer Overflow or Wraparound vulnerability in the EtherNet/IP function of Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition in the affected product by rapidly establishing a large number of TCP connections to it, resulting in an inconsistency in the product's internal connection management process and triggering improper memory access.

CVSS Details

Base Score

8.7

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

29.8% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-190 Integer Overflow or Wraparound Numeric Error

References 3

jvn.jp https://jvn.jp/vu/JVNVU97140216/
cisa.gov https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-05
mitsubishielectric.com https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2026-002_en.pdf

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.