Out-of-Bounds Read Vulnerability in V-SFT by Fuji Electric
CVE-2025-61860

8.4HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd.
Status: V-sft
Vendor: CVE Published:; 10 October 2025

🔔 Create Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2025-61860?

An out-of-bounds read vulnerability has been identified in the V-SFT software, specifically within the VS6MemInIF module. This issue arises when opening specially crafted V-SFT files, which may potentially result in information leakage and could cause the affected system to experience an abnormal termination (ABEND). Moreover, exploitation of this vulnerability might allow attackers to execute arbitrary code, posing significant security risks to users of V-SFT versions prior to v6.2.7.0.

Affected Version(s)

V-SFT v6.2.7.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...

https://jvn.jp/en/vu/JVNVU90008453/

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Oct 2, 2025

JSON