Out-of-Bounds Read Vulnerability in V-SFT by Fuji Electric
CVE-2025-47755

8.4HIGH

Key Information:

Vendor

Fuji Electric Co., Ltd.

Status
V-sft
Vendor
CVE Published:
19 May 2025

What is CVE-2025-47755?

V-SFT version 6.2.5.0 and earlier developed by Fuji Electric is susceptible to an out-of-bounds read vulnerability within the VS6EditData!VS4_SaveEnvFile function. Attackers can exploit this issue by opening specially crafted V7 or V8 files, potentially resulting in application crashes, unauthorized information disclosure, and the execution of arbitrary code. This vulnerability highlights the importance of implementing proper input validation and security measures in software applications to mitigate risks associated with such attacks.

Affected Version(s)

V-SFT v6.2.5.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...
https://jvn.jp/en/vu/JVNVU97228144/

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.