CVE-2025-5241
MEDIUMDescription
Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unable to login until a certain period has passed after the lockout or until the product is reset.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-5241? +
How severe is CVE-2025-5241? +
How do I check if I'm vulnerable to CVE-2025-5241? +
Related Vulnerabilities
Cap-go Console < 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to block authentication …
Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following …
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: …
A flaw was found in Keycloak. In certain conditions, this issue may allow a remote unauthenticated attacker to block other …