Primary

Context

Fuji Electric V-SFT Out-of-Bounds Write Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A vulnerability allowing out-of-bounds write has been identified in the V-SFT application by Fuji Electric, specifically in versions through 6.2.7.0. This vulnerability resides in the 'VS6ComFile' component, within the 'set_AnimationItem' function. Opening specially crafted V-SFT files can result in information disclosure, an abnormal termination of the affected system, and arbitrary code execution.

Impact

Exploitation of this vulnerability can lead to information disclosure, an abnormal system termination, and arbitrary code execution.

Remediation

Users are advised to update the software to the latest version. Improvement information for V-SFT version 6 is available on the Fuji Electric Monitouch website.

Added: Oct 10, 2025, 11:21 AM

Updated: Oct 10, 2025, 11:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fuji Electric V-SFT Out-of-Bounds Write Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

FUJI Electric V-SFT

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating