Out-of-Bounds Write Vulnerability in V-SFT Software by Fuji Electric
CVE-2025-47751

8.4HIGH

Key Information:

Vendor

Fuji Electric Co., Ltd.

Status
V-sft
Vendor
CVE Published:
19 May 2025

What is CVE-2025-47751?

The V-SFT software, specifically versions up to 6.2.5.0, contains a notable out-of-bounds write flaw within the VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Exploiting this vulnerability could allow attackers to open specially crafted V7 or V8 files, potentially leading to application crashes, unauthorized information exposure, and the execution of arbitrary code. This raises significant concerns regarding the security of applications utilizing affected versions.

Affected Version(s)

V-SFT v6.2.5.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...
https://jvn.jp/en/vu/JVNVU97228144/

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.