Out-of-Bounds Read Vulnerability in V-SFT Graphic Editor by Fuji Electric
CVE-2022-29506

7.8HIGH

Key Information:

Vendor

Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd.

Status
V-sft
Vendor
CVE Published:
14 June 2022

What is CVE-2022-29506?

An out-of-bounds read vulnerability exists in the simulator module of the V-SFT graphic editor, prior to version 6.1.3.0. This vulnerability can allow attackers to obtain sensitive information or execute arbitrary code. By tricking a user into opening a specially crafted image file, an attacker can exploit this flaw, highlighting the importance of safeguarding against such threats within graphical editing software.

Affected Version(s)

V-SFT v6.1.3.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...
x_refsource_MISC
https://monitouch.fujielectric.com/site/download-eu/03tel...
x_refsource_MISC
https://jvn.jp/en/vu/JVNVU93134398/index.html
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.