CVE-2025-61859 HIGH

CVE-2025-61859

Vendor Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd.

Product V-SFT

Weakness CWE-787

Published October 10, 2025

Last update October 10, 2025

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.

Key dates

02Disclosure timeline

October 10, 2025 CVE published

October 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-61859

Related vulnerabilities

Identifiers

CVE CVE-2025-61859

CWE CWE-787

CVSS 7.8 / HIGH

Affected versions