Out-of-Bounds Write Vulnerability in V-SFT Software by Fuji Electric
CVE-2025-61858

8.4HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd.
Status: V-sft
Vendor: CVE Published:; 10 October 2025

🔔 Create Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2025-61858?

An out-of-bounds write vulnerability exists in the VS6ComFile!set_AnimationItem functionality of V-SFT software versions 6.2.7.0 and earlier. This issue arises when specially crafted V-SFT files are opened, potentially leading to information disclosure, system abnormal end (ABEND), and the possibility of arbitrary code execution, posing a significant security risk to users.

Affected Version(s)

V-SFT v6.2.7.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...

https://jvn.jp/en/vu/JVNVU90008453/

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Oct 2, 2025

JSON