Mitsubishi MELSEC iQ-R Series Critical Firmware Flaw
⚠️ A critical vulnerability (CVE-2025-15080) affects Mitsubishi Electric MELSEC iQ-R Series firmware (R08/16/32/120PCPU) versions 48 and earlier. An attacker can read device data or parts of control programs, write device data, or cause a denial-of-service by sending specially crafted SLMP or proprietary protocol packets. Mitsubishi Electric recommends updating affected firmware to version 49 or later and, until patched, restricting access via firewalls, IP filters, VPNs, and LAN-only operation.
