CVE-2025-15080
Published: Feb 5, 2026
Modified: Feb 6, 2026
Description
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial of service (DoS) condition on the affected product by sending a specially crafted packet containing a specific command to the affected product.
| Vendor | Product | Versions |
|---|---|---|
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08PCPU | affected Firmware versions "48" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16PCPU | affected Firmware versions "48" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32PCPU | affected Firmware versions "48" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120PCPU | affected Firmware versions "48" and prior |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now