Stack-Based Buffer Overflow in Fujielectric's V-SFT Product
CVE-2025-47760

8.4HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd.
Status: V-sft
Vendor: CVE Published:; 19 May 2025

🔔 Create Fuji Electric Co., Ltd. Vulnerability Alert

What is CVE-2025-47760?

Fujielectric's V-SFT, specifically versions 6.2.5.0 and earlier, is susceptible to a stack-based buffer overflow vulnerability in the VS6MemInIF!set_temp_type_default function. This security flaw can be exploited by opening specially crafted V7 or V8 files, resulting in potential crashes, information disclosure, and arbitrary code execution. Users of affected versions are advised to take precautionary measures and update their systems to mitigate the risks.

Affected Version(s)

V-SFT v6.2.5.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...

https://jvn.jp/en/vu/JVNVU97228144/

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2025
Vulnerability Reserved
May 9, 2025

JSON