OTPulse

Mitsubishi Electric CNC Series

Monitor · CVSS 5.9 · ICS-CERT ICSA-26-078-05 · Mar 19, 2026
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

An out-of-bounds read vulnerability in Mitsubishi Electric CNC Series controllers can allow a remote attacker to cause a denial-of-service condition. The vulnerability affects M800VW, M800VS, M80V, M80VW (versions ≤BB), M800W, M800S, M80, M80W, E80 (versions ≤FM), and all versions of C80, M750VW, M730VW, M720VW, M750VS, M730VS, M720VS, M70V, E70, NC Trainer2, and NC Trainer2 plus controllers. Successful exploitation results in loss of availability of the affected CNC equipment.

What this means
What could happen
An attacker could trigger a denial-of-service condition on Mitsubishi CNC controllers by causing an out-of-bounds memory read, stopping machine operations and requiring a restart to recover.
Who's at risk
Manufacturing facilities and energy sector operators using Mitsubishi Electric CNC controllers (M70, M80, M800, E80, C80, NC Trainer series) should be aware that all versions of some models and specific older versions of others are vulnerable to remote denial-of-service attacks.
How it could be exploited
An attacker with network access to the CNC controller can send a specially crafted network request that triggers an out-of-bounds read in memory. This causes the controller to crash or become unresponsive, interrupting all machining operations on affected equipment.
Prerequisites
  • Network access to the CNC controller (port not specified in advisory)
  • No authentication required
remotely exploitable · no authentication required · low complexity · no patch available for many models · affects production equipment · high impact on operations
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (20)
9 with fix · 11 EOL
Product | Affected Versions | Fix Status
M800VW (BND-2051W000) | ≤ BB | BC or later
M800VS (BND-2052W000) | ≤ BB | BC or later
M80V (BND-2053W000) | ≤ BB | BC or later
M80VW (BND-2054W000) | ≤ BB | BC or later
M800W (BND-2005W000) | ≤ FM | FN or later
Remediation & Mitigation
Do now
WORKAROUND: Enable IP filtering on M800V/M80V Series and M800/M80/E80 Series to restrict which hosts can access the CNC controller
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update M800VW, M800VS, M80V, and M80VW to firmware version BC or later
HOTFIX: Update M800W, M800S, M80, M80W, and E80 to firmware version FN or later
Mitigations - no patch available
The following products have reached End of Life with no planned fix (all versions affected):
  • C80 (BND-2036W000)
  • M750VW (BND-1015W002)
  • M730VW (BND-1015W000)
  • M720VW (BND-1015W000)
  • M750VS (BND-1012W002)
  • M730VS (BND-1012W000)
  • M720VS (BND-1012W000)
  • M70V (BND-1018W000)
  • E70 (BND-1022W000)
  • NC Trainer2 (BND-1802W000)
  • NC Trainer2 plus (BND-1803W000)
Apply the following compensating controls:
HARDENING: Place all CNC controllers on isolated LAN segments and configure firewall rules to block access from untrusted networks
HARDENING: Use VPN for any required remote access to CNC controllers, and ensure VPN is kept current
HARDENING: Restrict physical access to CNC controllers and all networked computers and devices connected to them
HARDENING: Install and maintain anti-virus software on all PCs that can access the affected CNC controllers
Mitsubishi Electric CNC Series | CVSS 5.9 - OTPulse