PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-8805 Mitsubishi Electric Corporation CVE debrief

CVE-2026-8805 is an Integer Overflow or Wraparound vulnerability in the EtherNet/IP function of Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition by rapidly establishing a large number of TCP connections, resulting in an inconsistency in the product's internal connection management process and triggering improper memory access. The affected product is commonly used in industrial control systems, which may be a target for attackers. The vulnerability has a high CVSS score of 8.7, indicating a high severity.

Vendor
Mitsubishi Electric Corporation
Product
Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-19
Original CVE updated
2026-06-22
Advisory published
2026-06-19
Advisory updated
2026-06-22

Who should care

Industrial control system operators, particularly those using Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior, should be aware of this vulnerability and take necessary precautions. This includes reviewing system configurations, monitoring network traffic, and applying patches or updates as soon as possible. Additionally, operators should consider implementing compensating controls such as intrusion detection systems and network segmentation to isolate critical systems.

Technical summary

The vulnerability exists in the EtherNet/IP function of the FX5-EIP module, specifically in Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior. A remote attacker can exploit this by establishing a large number of TCP connections, causing a DoS condition due to improper memory access triggered by internal connection management inconsistencies. This could lead to an inconsistency in the product's internal connection management process, potentially affecting the availability of the system. The technical details are based on the CVE record and NVD entry, which may not provide a complete understanding of the vulnerability.

Defensive priority

High priority should be given to patching or mitigating this vulnerability, especially in industrial control systems where availability is crucial. Defenders should verify the current status and affected scope with the official CVE record and NVD details.

Recommended defensive actions

  • Apply patches or updates provided by Mitsubishi Electric as soon as possible.
  • Limit the number of TCP connections to the FX5-EIP module.
  • Implement network segmentation to isolate critical systems.
  • Monitor network traffic for unusual patterns indicative of potential exploitation attempts.
  • Consider compensating controls such as intrusion detection systems.
  • Review and update incident response plans to address potential DoS conditions.
  • Conduct a thorough review of system configurations and network architecture to identify potential vulnerabilities.

Evidence notes

The CVE record was published on 2026-06-19T03:16:14.850Z and was last modified on 2026-06-22T19:49:09.490Z. The NVD entry is currently Deferred. This information is based on the supplied source corpus and may not reflect the current status of the vulnerability. Defenders should verify the current status and affected scope with the official CVE record and NVD details. The evidence is limited to publicly available information and may not be comprehensive.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-19T03:16:14.850Z and has not been modified since then. The NVD entry is currently Deferred.