Secure Your Network Against Mitsubishi Electric Vulnerability
August 28, 2025 • César Daniel Barreto

Context: Mitsubishi Electric has identified a vulnerability, CVE-2025-7405, in a number of its MELSEC iQ-F Series CPU modules, with a base score of about 6.9. The MODBUS/TCP protocol on these industrial controllers does not ask for credentials for crucial functions, so attackers can change device settings, snoop on data, or even cause shutdowns without any authentication.
Of particular concern is the scope of affected devices: every FX5UJ and FX5S variant, no matter the firmware, and any FX5U/UC unit running firmware version 1.060 or newer. This means a lot of industrial gear could be sitting unprotected on poorly segmented networks. Anyone with network access to these controllers could cause operational issues or DoS conditions by going after the MODBUS interface.
Warning: Mitsubishi isn’t rolling out any firmware patches. It recommends network-based mitigations only: firewall configurations, VPNs for internet connections, using trusted LANs, and fine-tuning IP filters (which folks might not have touched since setup). So check your network segments now: these controllers must not be left on unsafe networks, and the firewall setup needs to be on point.
Impact: The good news is that there are no known exploits floating around yet, but industrial system threats materialize quickly after disclosures. Audit your systems thoroughly to prevent unwanted access and make sure everything is hardened against potential mischief. Double-check configurations now, because when things go sideways, a quick response can make all the difference.
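One way to run the audit suggested above, as an added example that is not from Mitsubishi or the original article: it applies the affected-model scope stated here to an asset inventory and flags firewall allow rules that expose MODBUS/TCP to sources outside the trusted LAN. The inventory, rule format, addresses and the use of port 502 are assumptions made for the illustration.

```python
import ipaddress

MODBUS_PORT = 502  # standard MODBUS/TCP port (assumed; confirm the port set on each PLC)

def is_affected(model, firmware):
    """Affected scope as the article states it."""
    m = model.upper()
    if m.startswith(("FX5UJ", "FX5S")):
        return True                                   # every firmware version
    if m.startswith("FX5U"):                          # FX5U and FX5UC
        return tuple(int(p) for p in firmware.split(".")) >= (1, 60)
    return False

def audit(inventory, rules, trusted, default_action="deny"):
    """Flag affected PLCs whose MODBUS/TCP port is allowed from outside `trusted`.
    Rules are treated as an unordered set (simplification: no first-match logic)."""
    trusted_nets = [ipaddress.ip_network(n) for n in trusted]
    findings = []
    for dev in inventory:
        if not is_affected(dev["model"], dev["firmware"]):
            continue
        ip = ipaddress.ip_address(dev["ip"])
        matched = [r for r in rules if r["port"] == MODBUS_PORT
                   and ip in ipaddress.ip_network(r["dst"])]
        for r in matched:
            src = ipaddress.ip_network(r["src"])
            if r["action"] == "allow" and not any(src.subnet_of(t) for t in trusted_nets):
                findings.append((dev["name"], f"MODBUS/TCP allowed from untrusted {src}"))
        if not matched and default_action == "allow":
            findings.append((dev["name"], "no rule for MODBUS/TCP and default is allow"))
    return findings

# Constructed sample data: names, addresses and rule format are hypothetical.
INVENTORY = [
    {"name": "plc-press-01", "model": "FX5UJ", "firmware": "1.010", "ip": "10.30.0.5"},
    {"name": "plc-pack-02", "model": "FX5U", "firmware": "1.050", "ip": "10.30.0.6"},
    {"name": "plc-pack-03", "model": "FX5UC", "firmware": "1.060", "ip": "10.30.0.7"},
]
RULES = [
    {"src": "10.20.0.0/24", "dst": "10.30.0.0/24", "port": 502, "action": "allow"},
    {"src": "0.0.0.0/0", "dst": "10.30.0.7/32", "port": 502, "action": "allow"},
]
TRUSTED = ["10.20.0.0/24"]  # e.g. the SCADA/engineering LAN

if __name__ == "__main__":
    for name, issue in audit(INVENTORY, RULES, TRUSTED):
        print(f"{name}: {issue}")
```

Feed it an export of your real inventory and firewall policy in the same shape; a real policy with ordered first-match rules needs that ordering modelled before the result can be trusted.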
