Primary

Context

Fuji Electric V-SFT Out-of-Bounds Read Vulnerability Allowing Information Disclosure, System Crash, and Arbitrary Code Execution

Vulnerability

Patched

A vulnerability allowing out-of-bounds read has been identified in the VS6ComFile!get_ovlp_element_size function of V-SFT versions through 6.2.7.0. This vulnerability can be exploited by opening specially crafted V-SFT files, potentially leading to information disclosure, an abnormal system termination (ABEND), and arbitrary code execution.

Impact

Exploitation of this vulnerability may result in unauthorized information disclosure, an abnormal system termination (ABEND), and arbitrary code execution on the affected system.

Remediation

Users are advised to update V-SFT to the latest version available. Improvement information for the updated version can be found on the Fuji Electric V-SFT improvement information page.

Added: Oct 10, 2025, 11:19 AM

Updated: Oct 10, 2025, 11:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fuji Electric V-SFT Out-of-Bounds Read Vulnerability Allowing Information Disclosure, System Crash, and Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

FUJI Electric V-SFT

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating