Fuji Electric V-SFT Out-of-Bounds Write Vulnerability Allowing Information Disclosure, System Crash, and Arbitrary Code Execution

Vulnerability

An out-of-bounds write vulnerability has been identified in Fuji Electric V-SFT version 6.2.7.0 and earlier. The flaw resides in the 'VS6ComFile!CItemDraw::is_motion_tween' function. It is triggered when a user opens a specially crafted V-SFT file, and it can lead to unauthorized information disclosure, abnormal termination of the affected system, and arbitrary code execution.

Impact

Exploitation of this vulnerability can result in unauthorized information disclosure, abnormal termination of the affected system, and arbitrary code execution.

Remediation

Users are advised to update the software to the latest version available. Improvement information for V-SFT version 6 can be found on the Fuji Electric Monitouch website.

Added: Oct 10, 2025, 11:21 AM
Updated: Oct 10, 2025, 11:21 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.