CVE-2025-47758 HIGH

CVE-2025-47758

Vendor Fuji Electric Co., Ltd.
Product V-SFT
Weakness CWE-121
Published May 19, 2025
Last update May 19, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Key dates

02Disclosure timeline

May 19, 2025 CVE published
May 19, 2025 Record updated