Cyber Resilience

CVE-2026-1875

High

Published: 03 March 2026

Modified: 30 April 2026
CVSS v4 Score: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0043 (34.0th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-1875 is a high-severity Improper Resource Shutdown or Release (CWE-404) vulnerability in Mitsubishi Electric MELSEC iQ-F FX5-EIP firmware. Its CVSS v4 base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Denial of Service (T1498). The vulnerability ranks at the 34.0th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).

Deeper analysis

CVE-2026-1875 is an Improper Resource Shutdown or Release vulnerability (CWE-404) in the Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module, affecting versions 1.000 and prior. Published on 2026-03-03, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its potential for high-impact availability disruption without requiring authentication or user interaction.

A remote attacker can exploit this vulnerability by continuously sending UDP packets to the affected products, triggering a denial-of-service (DoS) condition. The attack leverages the module's failure to properly handle resource shutdown or release, rendering the device unresponsive until a manual system reset is performed for recovery.

Advisories from JVN (https://jvn.jp/vu/JVNVU93286687/), CISA (https://www.cisa.gov/news-events/ics-advisories/icsa-26-62-01), and Mitsubishi Electric (https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf) provide further details on mitigation strategies for this vulnerability.

Vulnerability details

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1498 Network Denial of Service (tactic: Impact)
Adversaries may perform Network Denial of Service (DoS) attacks to degrade or block the availability of targeted resources to users.
Why these techniques?

Vulnerability enables remote UDP-based flooding to trigger DoS on the network device, directly mapping to Network Denial of Service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-1874: Same product (Mitsubishi Electric MELSEC iQ-F FX5-EIP)
CVE-2026-1876: Same vendor (Mitsubishi Electric)
CVE-2026-2108: Shared CWE-404
CVE-2025-0492: Shared CWE-404
CVE-2025-15529: Shared CWE-404
CVE-2025-29357: Shared CWE-404
CVE-2026-1587: Shared CWE-404
CVE-2024-57618: Shared CWE-404
CVE-2026-1171: Shared CWE-404
CVE-2025-24811: Shared CWE-404

Affected Assets

Vendor: mitsubishielectric
Product: melsec iq-f fx5-eip firmware
Affected versions: ≤ 1.000

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: Directly remediates the improper resource shutdown or release flaw in the FX5-EIP EtherNet/IP module by applying vendor patches or updates.

Prevent: Implements denial-of-service protections to block or limit continuous UDP packet floods that trigger the DoS condition.

Prevent: Enforces resource availability protections, such as queuing limits and allocation thresholds, to prevent exhaustion from improper UDP packet handling.
