IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M

HIGH
CVSS 8.8
Date 2026-06-30T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a denial-of-service condition in the affected product, or execute arbitrary code when a specially crafted archive file is decompressed by the 7-Zip component included in MELSOFT Update Manager.

// Vulnerabilities (4)

CVE ID CVSS Score Severity Description
CVE-2025-55188 7.9 high
A link following vulnerability exists in the 7-Zip component included in MELSOFT Update Manager SW1DND-UDM-M. This vulnerability could allow a local attacker to tamper with or destroy information by convincing a legitimate user to decompress a specially crafted archive file using the affected product. If the tampered or destroyed files are required for PC operation, the affected PC may enter a denial-of-service condition.
CVE-2025-53817 5.0 medium
A NULL pointer dereference vulnerability exists in the 7-Zip component included in MELSOFT Update Manager SW1DND-UDM-M. This vulnerability could allow a local attacker to trigger a NULL pointer dereference that may cause the affected product to enter a denial-of-service condition by convincing a legitimate user to decompress a specially crafted archive file using the affected product.
CVE-2025-11001 8.8 high
A path traversal vulnerability exists in the 7-Zip component included in MELSOFT Update Manager SW1DND-UDM-M. This vulnerability could allow a local attacker to execute arbitrary code by decompressing a specially crafted archive file using the affected product. As a result, the affected product may be impacted in ways such as information theft, information tampering, a denial-of-service condition, or other impacts.
CVE-2025-53816 5.0 medium
A heap-based buffer overflow vulnerability exists in the 7-Zip component included in MELSOFT Update Manager SW1DND-UDM-M. This vulnerability could allow a local attacker to trigger a buffer overflow that may cause the affected product to enter a denial-of-service condition by convincing a legitimate user to decompress a specially crafted archive file using the affected product.

// Remediations (11)

Mitigation: For users who cannot immediately update the product, Mitsubishi Electric recommends installing anti-
For users who cannot immediately update the product, Mitsubishi Electric recommends installing anti-virus software on the PC with the affected product, to minimize the risk of exploitation of this vulnerability.
Mitigation: For users who cannot immediately update the product, Mitsubishi Electric recommends using a firewall
For users who cannot immediately update the product, Mitsubishi Electric recommends using a firewall, virtual private network (VPN), or similar network security controls to prevent unauthorized access and allow only trusted users to remote login when internet access is required, to minimize the risk of exploitation of this vulnerability.
Mitigation: For users who cannot immediately update the product, Mitsubishi Electric recommends restricting phys
For users who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC with the affected product and the network to which the PC is connected, to minimize the risk of exploitation of this vulnerability.
Mitigation: For more information see the associated Mitsubishi Electric security advisory 2026-004: https://www.
For more information see the associated Mitsubishi Electric security advisory 2026-004: https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2026-004_en.pdf.
Mitigation: Mitsubishi Electric has identified the following specific workarounds and mitigations users can appl
Mitsubishi Electric has identified the following specific workarounds and mitigations users can apply to reduce risk:
Patch: Mitsubishi Electric is releasing fixed version 1.015R or later for MELSOFT Update Manager SW1DND-UDM
Mitsubishi Electric is releasing fixed version 1.015R or later for MELSOFT Update Manager SW1DND-UDM-M. Please download the update file for the fixed version from the link "https://www.mitsubishielectric.co.jp/fa/download/index.html" (This site is in Japanese) and install it. For more information on the fixed version, refer to the Mitsubishi Electric security advisory at "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2026-004_en.pdf".
Patch: Mitsubishi Electric is releasing fixed version 1.015R or later for MELSOFT Update Manager SW1DND-UDM
Mitsubishi Electric is releasing fixed version 1.015R or later for MELSOFT Update Manager SW1DND-UDM-M. Please download the update file for the fixed version from the link "https://www.mitsubishielectric.co.jp/fa/download/index.html" (This site is in Japanese) and install it. For more information on the fixed version, refer to the Mitsubishi Electric security advisory at "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2026-004_en.pdf".
Mitigation: For users who cannot immediately update the product, Mitsubishi Electric recommends preventing users
For users who cannot immediately update the product, Mitsubishi Electric recommends preventing users from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploitation of this vulnerability.
Mitigation: For users who cannot immediately update the product, Mitsubishi Electric recommends using the PC wit
For users who cannot immediately update the product, Mitsubishi Electric recommends using the PC with the affected product within a LAN and blocking remote logins from untrusted networks, hosts, and users, to minimize the risk of exploitation of this vulnerability.
Mitigation: ABB recommends uninstalling the version of 7-Zip and Microsoft Azure Data Studio from the system. Un
ABB recommends uninstalling the version of 7-Zip and Microsoft Azure Data Studio from the system. Uninstallation does not affect the functionality of the products. ABB recommends that customers perform the uninstallation at earliest convenience. Refer to section “General security recommendations” for further advise on how to keep your system secure. 7-Zip – An attacker needs to extract the file with the vulnerable version of 7-Zip or trick a user to click a link or download a malicious file and extract them. Microsoft Azure Data Studio – An attacker needs to get into the system and open a malicious file or run code which could exploit this vulnerability. In both scenarios, the attack will be less likely if the user has configured the system as per recommended guidelines.
Workaround: Workarounds are specific measures that a user can take to help block an attack, for example, tempora
Workarounds are specific measures that a user can take to help block an attack, for example, temporarily disabling the vulnerable feature may remove the exposure with well-known impact on functionality. There are no workarounds. Uninstalling the affected third-party software fully eliminates the risk of vulnerabilities. Refer to the section ‘Recommended immediate actions’.

// References