Cyber Resilience

CVE-2026-1876

High

Published: 03 March 2026

Modified: 30 April 2026
KEV Added
Patch
CVSS Score v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0043 (34.0th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-1876 is a high-severity Improper Resource Shutdown or Release (CWE-404) vulnerability in Mitsubishi Electric MELSEC iQ-F FX5-ENET/IP firmware. Its CVSS v4.0 base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Direct Network Flood (T1498.001). The vulnerability ranks at the 34.0th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-7 (Boundary Protection).

Deeper analysis

CVE-2026-1876 is an Improper Resource Shutdown or Release vulnerability classified under CWE-404, affecting all versions of the Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module. Published on 2026-03-03, this flaw enables a remote attacker to induce a denial-of-service (DoS) condition on the affected products by continuously sending UDP packets. The CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects high availability impact without confidentiality or integrity disruption.

Any remote attacker with network access to the device can exploit this vulnerability; the attack has low complexity and requires no privileges and no user interaction. Exploitation disrupts device availability through resource exhaustion, rendering the module unresponsive until a manual system reset is performed for recovery.

Advisories providing mitigation guidance and patch information include JVN VU#93286687 at https://jvn.jp/vu/JVNVU93286687/, CISA ICSA-26-62-01 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-62-01, and Mitsubishi Electric PSIRT document 2025-021 at https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-021_en.pdf.

Vulnerability details

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the products by continuously sending UDP packets to the products. A system reset of the product is required for recovery.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1498.001 Direct Network Flood (tactic: Impact)
Adversaries may attempt to cause a denial of service (DoS) by directly sending a high-volume of network traffic to a target.

T1499.001 OS Exhaustion Flood (tactic: Impact)
Adversaries may launch a denial of service (DoS) attack targeting an endpoint's operating system (OS).

Why these techniques?

Vulnerability enables remote UDP flood causing resource exhaustion and DoS on the target module.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-1874 · Same product: Mitsubishi Electric MELSEC iQ-F FX5-ENET/IP
CVE-2026-1875 · Same vendor: Mitsubishi Electric
CVE-2026-2108 · Shared CWE-404
CVE-2025-15529 · Shared CWE-404
CVE-2025-29357 · Shared CWE-404
CVE-2026-1587 · Shared CWE-404
CVE-2024-57618 · Shared CWE-404
CVE-2026-1171 · Shared CWE-404
CVE-2025-24811 · Shared CWE-404
CVE-2026-1172 · Shared CWE-404

Affected Assets

mitsubishielectric
melsec iq-f fx5-enet/ip firmware
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly implements controls to protect against denial-of-service attacks via UDP packet floods causing resource exhaustion as in this CVE.

prevent

Ensures timely remediation of the improper resource shutdown flaw through patching, as advised in related advisories for this CVE.

prevent, detect

Monitors and controls communications at network boundaries to block or detect excessive UDP traffic exploiting this vulnerability.
