V-SFT Stack-Based Buffer Overflow Vulnerability in VS6ComFile Component Allowing Arbitrary Code Execution

Vulnerability

A stack-based buffer overflow vulnerability has been identified in V-SFT version 6.2.5.0 and earlier, in the WriteV7DataToRom function of the VS6ComFile component. The overflow is triggered when a specially crafted V7 or V8 file is opened, and it can result in arbitrary code execution, information disclosure, or an application crash.

Impact

Exploitation of this vulnerability can lead to a crash of the affected application, unauthorized disclosure of information, and execution of arbitrary code.

Remediation

Users are advised to update to V-SFT version 6.2.6.0 or later.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.