CVE-2025-47752 HIGH

CVE-2025-47752

Vendor Fuji Electric Co., Ltd.

Product V-SFT

Weakness CWE-787

Published May 19, 2025

Last update May 19, 2025

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Key dates

02Disclosure timeline

May 19, 2025 CVE published

May 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-47752 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

04Related CVE

CVE-2023-25564 GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings CVE-2026-26011 Critical Heap Out-of-bounds Access in `pf_cluster_stats()` via Malicious /initialpose Covariance -- Potential Remote Code Execution CVE-2025-32403 CVE-2025-2474 Vulnerability in PCX Image Codec Impacts QNX Software Development Platform CVE-2025-53367 DjVuLibre OOB-Write Vulnerability in MMRDecoder