CVE-2025-3511: Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE...
Description
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module and CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
Classification
CVE ID: CVE-2025-3511
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.9
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
Vendor: Mitsubishi Electric Corporation
Product: CC-Link IE TSN Remote I/O module NZ2GN2S1-32D, CC-Link IE TSN Remote I/O module NZ2GN2S1-32T, CC-Link IE TSN Remote I/O module NZ2GN2S1-32TE, CC-Link IE TSN Remote I/O module NZ2GN2S1-32DT, CC-Link IE TSN Remote I/O module NZ2GN2S1-32DTE, CC-Link IE TSN Remote I/O module NZ2GN2B1-32D, CC-Link IE TSN Remote I/O module NZ2GN2B1-32T, CC-Link IE TSN Remote I/O module NZ2GN2B1-32TE, CC-Link IE TSN Remote I/O module NZ2GN2B1-32DT, CC-Link IE TSN Remote I/O module NZ2GN2B1-32DTE, CC-Link IE TSN Remote I/O module NZ2GNCF1-32D, CC-Link IE TSN Remote I/O module NZ2GNCF1-32T, CC-Link IE TSN Remote I/O module NZ2GNCE3-32D, CC-Link IE TSN Remote I/O module NZ2GNCE3-32DT, CC-Link IE TSN Remote I/O module NZ2GN12A4-16D, CC-Link IE TSN Remote I/O module NZ2GN12A4-16DE, CC-Link IE TSN Remote I/O module NZ2GN12A2-16T, CC-Link IE TSN Remote I/O module NZ2GN12A2-16TE, CC-Link IE TSN Remote I/O module NZ2GN12A42-16DT, CC-Link IE TSN Remote I/O module NZ2GN12A42-16DTE, CC-Link IE TSN Remote I/O module NZ2GN2S1-16D, CC-Link IE TSN Remote I/O module NZ2GN2S1-16T, CC-Link IE TSN Remote I/O module NZ2GN2S1-16TE, CC-Link IE TSN Remote I/O module NZ2GN2B1-16D, CC-Link IE TSN Remote I/O module NZ2GN2B1-16T, CC-Link IE TSN Remote I/O module NZ2GN2B1-16TE, CC-Link IE TSN Analog-Digital Converter module NZ2GN2S-60AD4, CC-Link IE TSN Analog-Digital Converter module NZ2GN2B-60AD4, CC-Link IE TSN Digital-Analog Converter module NZ2GN2S-60DA4, CC-Link IE TSN Digital-Analog Converter module NZ2GN2B-60DA4, CC-Link IE TSN FPGA module NZ2GN2S-D41P01, CC-Link IE TSN FPGA module NZ2GN2S-D41D01, CC-Link IE TSN FPGA module NZ2GN2S-D41PD02, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-300, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-60
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.07% (probability of being exploited)
EPSS Percentile: 22.02% (scored less or equal to compared to others)
EPSS Date: 2025-05-24 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-3511https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf