Stack-based Buffer Overflow Vulnerability in V-SFT by Fuji Electric
CVE-2025-47759

8.4HIGH

Key Information:

Vendor

Fuji Electric Co., Ltd.

Status
S-sft
Vendor
CVE Published:
19 May 2025

What is CVE-2025-47759?

The V-SFT software by Fuji Electric contains a serious stack-based buffer overflow vulnerability. This issue resides in the VS6ComFile!CV7BaseMap::WriteV7DataToRom function, which can be triggered by opening specially crafted V7 or V8 files. Exploitation of this vulnerability may result in application crashes, unauthorized information disclosure, and potential arbitrary code execution, posing a significant security threat to users.

Affected Version(s)

S-SFT v6.2.5.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...
https://jvn.jp/en/vu/JVNVU97228144/

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.