Search

Find a vulnerability

Search criteria

    43 vulnerabilities by FUJI ELECTRIC CO., LTD.

    JVNDB-2026-009720

    Vulnerability from jvndb - Published: 2026-04-02 14:58 - Updated:2026-04-03 15:50
    Severity
    Summary
    Multiple vulnerabilities in FUJI Electric V-SFT (April 2026)
    Details
    V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.
    • Stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom (CWE-121) - CVE-2026-32925
    • Out-of-bounds read in VS6ComFile!load_link_inf (CWE-125) - CVE-2026-32926
    • Out-of-bounds read in VS6MemInIF!set_temp_type_default (CWE-125) - CVE-2026-32927
    • Stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem (CWE-121) - CVE-2026-32928
    • Out-of-bounds read in VS6ComFile!get_macro_mem_COM (CWE-125) - CVE-2026-32929
    Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-009720.html",
      "dc:date": "2026-04-03T15:50+09:00",
      "dcterms:issued": "2026-04-02T14:58+09:00",
      "dcterms:modified": "2026-04-03T15:50+09:00",
      "description": "V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/121.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://cwe.mitre.org/data/definitions/125.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://cwe.mitre.org/data/definitions/125.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://cwe.mitre.org/data/definitions/121.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://cwe.mitre.org/data/definitions/125.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eStack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom (CWE-121) - CVE-2026-32925\u003c/li\u003e\u003cli\u003eOut-of-bounds read in VS6ComFile!load_link_inf (CWE-125) - CVE-2026-32926\u003c/li\u003e\u003cli\u003eOut-of-bounds read in VS6MemInIF!set_temp_type_default (CWE-125) - CVE-2026-32927\u003c/li\u003e\u003cli\u003eStack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem (CWE-121) - CVE-2026-32928\u003c/li\u003e\u003cli\u003eOut-of-bounds read in VS6ComFile!get_macro_mem_COM (CWE-125) - CVE-2026-32929\u003c/li\u003e\u003c/ul\u003eMichael Heinzl reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-009720.html",
      "sec:cpe": {
        "#text": "cpe:/a:fujielectric:v-sft",
        "@product": "V-SFT",
        "@vendor": "Fuji Electric Co., Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2026-009720",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU90448293/index.html",
          "@id": "JVNVU#90448293",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32925",
          "@id": "CVE-2026-32925",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32926",
          "@id": "CVE-2026-32926",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32927",
          "@id": "CVE-2026-32927",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32928",
          "@id": "CVE-2026-32928",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32929",
          "@id": "CVE-2026-32929",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/121.html",
          "@id": "CWE-121",
          "@title": "Stack-based Buffer Overflow(CWE-121)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        }
      ],
      "title": "Multiple vulnerabilities in FUJI Electric V-SFT (April 2026)"
    }

    JVNDB-2025-015451

    Vulnerability from jvndb - Published: 2025-10-09 13:39 - Updated:2025-10-09 13:39
    Severity
    Summary
    Multiple vulnerabilities in FUJI Electric V-SFT
    Details
    V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.
    • Stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom (CWE-121) - CVE-2025-61856
    • Out-of-bounds write in VS6ComFile!CItemExChange::WinFontDynStrCheck (CWE-787) - CVE-2025-61857
    • Out-of-bounds write in VS6ComFile!set_AnimationItem (CWE-787) - CVE-2025-61858
    • Out-of-bounds write in VS6ComFile!CItemDraw::is_motion_tween (CWE-787) - CVE-2025-61859
    • Out-of-bounds read in VS6MemInIF!set_temp_type_default (CWE-125) - CVE-2025-61860
    • Out-of-bounds read in VS6ComFile!load_link_inf (CWE-125) - CVE-2025-61861
    • <
    • Out-of-bounds read in VS6ComFile!get_ovlp_element_size (CWE-125) - CVE-2025-61862
    • Out-of-bounds read in VS6ComFile!CSaveData::delete_mem (CWE-125) - CVE-2025-61863
    • Use after free in VS6ComFile!load_link_inf (use-after-free) (CWE-416) - CVE-2025-61864
    Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-015451.html",
      "dc:date": "2025-10-09T13:39+09:00",
      "dcterms:issued": "2025-10-09T13:39+09:00",
      "dcterms:modified": "2025-10-09T13:39+09:00",
      "description": "V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.\r\n\u003cul\u003e\r\n\u003cli\u003eStack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom (CWE-121) - CVE-2025-61856\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds write in VS6ComFile!CItemExChange::WinFontDynStrCheck (CWE-787) - CVE-2025-61857\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds write in VS6ComFile!set_AnimationItem (CWE-787) - CVE-2025-61858\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds write in VS6ComFile!CItemDraw::is_motion_tween (CWE-787) - CVE-2025-61859\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds read in VS6MemInIF!set_temp_type_default (CWE-125) - CVE-2025-61860\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds read in VS6ComFile!load_link_inf (CWE-125) - CVE-2025-61861\u003c/li\u003e\u003c\r\n\r\n\u003cli\u003eOut-of-bounds read in VS6ComFile!get_ovlp_element_size (CWE-125) - CVE-2025-61862\u003c/li\u003e\r\n\r\n\u003cli\u003eOut-of-bounds read in VS6ComFile!CSaveData::delete_mem (CWE-125) - CVE-2025-61863\u003c/li\u003e\r\n\r\n\u003cli\u003eUse after free in VS6ComFile!load_link_inf (use-after-free) (CWE-416) - CVE-2025-61864\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\r\nMichael Heinzl reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-015451.html",
      "sec:cpe": {
        "#text": "cpe:/a:fujielectric:v-sft",
        "@product": "V-SFT",
        "@vendor": "Fuji Electric Co., Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-015451",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU90008453/index.html",
          "@id": "JVNVU#90008453",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61856",
          "@id": "CVE-2025-61856",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61857",
          "@id": "CVE-2025-61857",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61858",
          "@id": "CVE-2025-61858",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61859",
          "@id": "CVE-2025-61859",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61860",
          "@id": "CVE-2025-61860",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61861",
          "@id": "CVE-2025-61861",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61862",
          "@id": "CVE-2025-61862",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61863",
          "@id": "CVE-2025-61863",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61864",
          "@id": "CVE-2025-61864",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/121.html",
          "@id": "CWE-121",
          "@title": "Stack-based Buffer Overflow(CWE-121)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/416.html",
          "@id": "CWE-416",
          "@title": "Use After Free(CWE-416)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/787.html",
          "@id": "CWE-787",
          "@title": "Out-of-bounds Write(CWE-787)"
        }
      ],
      "title": "Multiple vulnerabilities in FUJI Electric V-SFT"
    }

    JVNDB-2025-008106

    Vulnerability from jvndb - Published: 2025-07-07 16:26 - Updated:2025-07-07 16:26
    Severity
    Summary
    Heap-based buffer overflow vulnerability in V-SFT and TELLUS
    Details
    A heap-based buffer overflow vulnerability (CWE-122) exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. - CVE-2025-50130 Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-008106.html",
      "dc:date": "2025-07-07T16:26+09:00",
      "dcterms:issued": "2025-07-07T16:26+09:00",
      "dcterms:modified": "2025-07-07T16:26+09:00",
      "description": "A heap-based buffer overflow vulnerability (CWE-122) exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. - CVE-2025-50130\r\n\r\nMichael Heinzl reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-008106.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fujielectric:tellus",
          "@product": "TELLUS",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fujielectric:v-sft-6",
          "@product": "V-SFT-6",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-008106",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU94011267/index.html",
          "@id": "JVNVU#94011267",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-50130",
          "@id": "CVE-2025-50130",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/122.html",
          "@id": "CWE-122",
          "@title": "Heap-based Buffer Overflow(CWE-122)"
        }
      ],
      "title": "Heap-based buffer overflow vulnerability in V-SFT and TELLUS"
    }

    JVNDB-2025-005107

    Vulnerability from jvndb - Published: 2025-05-16 14:32 - Updated:2025-05-16 14:32
    Severity
    Summary
    Multiple vulnerabilities in V-SFT
    Details
    V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.
    • Free of Pointer not at Start of Buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function (CWE-761)
      • CVE-2025-47749
    • Out-of-bounds Write in VS6MemInIF!set_temp_type_default function (CWE-787)
      • CVE-2025-47750
    • Out-of-bounds Write in VS6MemInIF!set_temp_type_default function (CWE-787)
      • CVE-2025-47751
    • Out-of-bounds Write in VS6ComFile!MakeItemGlidZahyou function (CWE-787)
      • CVE-2025-47752
    • Out-of-bounds Read in VS6EditData!CDrawSLine::GetRectArea function(CWE-125)
      • CVE-2025-47753
    • Out-of-bounds Read in VS6EditData!Conv_Macro_Data function (CWE-125)
      • CVE-2025-47754
    • Out-of-bounds Read in VS6EditData!VS4_SaveEnvFile function (CWE-125)
      • CVE-2025-47755
    • Out-of-bounds Read in VS6EditData!CGamenDataRom::set_mr400_strc function (CWE-125)
      • CVE-2025-47756
    • Out-of-bounds Read in VS6MemInIF.dll!set_plc_type_default function (CWE-125)
      • CVE-2025-47757
    • Stack-based Buffer Overflow in VS6File!CTxSubFile::get_ProgramFile_name function (CWE-121)
      • CVE-2025-47758
    • Stack-based Buffer Overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function (CWE-121)
      • CVE-2025-47759
    • Stack-based Buffer Overflow in VS6MemInIF!set_temp_type_default function (CWE-121)
      • CVE-2025-47760
    Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-005107.html",
      "dc:date": "2025-05-16T14:32+09:00",
      "dcterms:issued": "2025-05-16T14:32+09:00",
      "dcterms:modified": "2025-05-16T14:32+09:00",
      "description": "V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below.\r\n\r\n\r\n\u003cul\u003e\r\n\u003cli\u003eFree of Pointer not at Start of Buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function (CWE-761)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47749\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Write in VS6MemInIF!set_temp_type_default function (CWE-787)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47750\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Write in VS6MemInIF!set_temp_type_default function (CWE-787)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47751\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Write in VS6ComFile!MakeItemGlidZahyou function (CWE-787)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47752\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Read in VS6EditData!CDrawSLine::GetRectArea function(CWE-125)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47753\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Read in VS6EditData!Conv_Macro_Data function (CWE-125)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47754\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Read in VS6EditData!VS4_SaveEnvFile function (CWE-125)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47755\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Read in VS6EditData!CGamenDataRom::set_mr400_strc function (CWE-125)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47756\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eOut-of-bounds Read in VS6MemInIF.dll!set_plc_type_default function (CWE-125)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47757\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eStack-based Buffer Overflow in VS6File!CTxSubFile::get_ProgramFile_name function (CWE-121)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47758\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eStack-based Buffer Overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function (CWE-121)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47759\u003c/li\u003e\u003c/ul\u003e\r\n\r\n\u003cli\u003eStack-based Buffer Overflow in VS6MemInIF!set_temp_type_default function (CWE-121)\u003c/li\u003e\r\n\u003cul\u003e\u003cli\u003eCVE-2025-47760\u003c/li\u003e\u003c/ul\u003e\r\n\u003c/ul\u003e\r\n\r\nMichael Heinzl reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-005107.html",
      "sec:cpe": {
        "#text": "cpe:/a:fujielectric:v-sft-6",
        "@product": "V-SFT-6",
        "@vendor": "Fuji Electric Co., Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-005107",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU97228144/index.html",
          "@id": "JVNVU#97228144",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47749",
          "@id": "CVE-2025-47749",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47750",
          "@id": "CVE-2025-47750",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47751",
          "@id": "CVE-2025-47751",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47752",
          "@id": "CVE-2025-47752",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47753",
          "@id": "CVE-2025-47753",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47754",
          "@id": "CVE-2025-47754",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47755",
          "@id": "CVE-2025-47755",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47756",
          "@id": "CVE-2025-47756",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47757",
          "@id": "CVE-2025-47757",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47758",
          "@id": "CVE-2025-47758",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47759",
          "@id": "CVE-2025-47759",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-47760",
          "@id": "CVE-2025-47760",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/121.html",
          "@id": "CWE-121",
          "@title": "Stack-based Buffer Overflow(CWE-121)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/761.html",
          "@id": "CWE-761",
          "@title": "Free of Pointer not at Start of Buffer(CWE-761)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/787.html",
          "@id": "CWE-787",
          "@title": "Out-of-bounds Write(CWE-787)"
        }
      ],
      "title": "Multiple vulnerabilities in V-SFT"
    }

    JVNDB-2024-013702

    Vulnerability from jvndb - Published: 2024-11-29 14:42 - Updated:2024-11-29 14:42
    Severity
    Summary
    Multiple vulnerabilities in FUJI ELECTRIC products
    Details
    Multiple vulnerabilities listed below exist in the remote monitoring software 'TELLUS' and 'TELLUS Lite', and the simulator module and the remote monitoring software 'V-Server' and 'V-Server Lite' contained in the graphic editor 'V-SFT' provided by FUJI ELECTRIC CO., LTD. * Multiple Stack-based buffer overflow vulnerabilities in V-SFT, TELLUS, TELLLUS Lite (CWE-121) - CVE-2024-38309 * Out-of-bounds read vulnerability in TELLUS and TELLUS Lite (CWE-125) - CVE-2024-38389 * Out-of-bounds read vulnerability in V-Server and V-Server Lite (CWE-125) - CVE-2024-38658 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-013702.html",
      "dc:date": "2024-11-29T14:42+09:00",
      "dcterms:issued": "2024-11-29T14:42+09:00",
      "dcterms:modified": "2024-11-29T14:42+09:00",
      "description": "Multiple vulnerabilities listed below exist in the remote monitoring software \u0027TELLUS\u0027 and \u0027TELLUS Lite\u0027, and the simulator module and the remote monitoring software \u0027V-Server\u0027 and \u0027V-Server Lite\u0027 contained in the graphic editor \u0027V-SFT\u0027 provided by FUJI ELECTRIC CO., LTD.\r\n\r\n  * Multiple Stack-based buffer overflow vulnerabilities in V-SFT, TELLUS, TELLLUS Lite (CWE-121) - CVE-2024-38309\r\n  * Out-of-bounds read vulnerability in TELLUS and TELLUS Lite (CWE-125) - CVE-2024-38389\r\n  * Out-of-bounds read vulnerability in V-Server and V-Server Lite (CWE-125) - CVE-2024-38658\r\n\r\nMichael Heinzl reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-013702.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fujielectric:tellus",
          "@product": "TELLUS",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fujielectric:tellus_lite",
          "@product": "TELLUS Lite",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fujielectric:v-server",
          "@product": "V-Server",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fujielectric:v-server_lite",
          "@product": "V-Server Lite",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fujielectric:v-sft",
          "@product": "V-SFT",
          "@vendor": "Fuji Electric Co., Ltd.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2024-013702",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU97531313/index.html",
          "@id": "JVNVU#97531313",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-38309",
          "@id": "CVE-2024-38309",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-38389",
          "@id": "CVE-2024-38389",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-38658",
          "@id": "CVE-2024-38658",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/121.html",
          "@id": "CWE-121",
          "@title": "Stack-based Buffer Overflow(CWE-121)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        }
      ],
      "title": "Multiple vulnerabilities in FUJI ELECTRIC products"
    }

    CVE-2025-47760 (GCVE-0-2025-47760)

    Vulnerability from nvd – Published: 2025-05-19 07:48 – Updated: 2025-05-19 15:48
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:48:34.277894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:48:52.253Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:48:00.492Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47760",
        "datePublished": "2025-05-19T07:48:00.492Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T15:48:52.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47759 (GCVE-0-2025-47759)

    Vulnerability from nvd – Published: 2025-05-19 07:47 – Updated: 2025-05-19 16:00
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. S-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47759",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:59:14.918809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:00:36.040Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "S-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:43.969Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47759",
        "datePublished": "2025-05-19T07:47:43.969Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T16:00:36.040Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47758 (GCVE-0-2025-47758)

    Vulnerability from nvd – Published: 2025-05-19 07:47 – Updated: 2025-05-19 16:01
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47758",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T16:00:49.702193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:01:07.022Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:32.122Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47758",
        "datePublished": "2025-05-19T07:47:32.122Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T16:01:07.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47757 (GCVE-0-2025-47757)

    Vulnerability from nvd – Published: 2025-05-19 07:47 – Updated: 2025-05-19 14:44
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47757",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:43:42.280083Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T14:44:26.818Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:16.674Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47757",
        "datePublished": "2025-05-19T07:47:16.674Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T14:44:26.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47756 (GCVE-0-2025-47756)

    Vulnerability from nvd – Published: 2025-05-19 07:46 – Updated: 2025-05-19 14:47
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47756",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:47:18.531464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T14:47:36.093Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:46:38.474Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47756",
        "datePublished": "2025-05-19T07:46:38.474Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T14:47:36.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47755 (GCVE-0-2025-47755)

    Vulnerability from nvd – Published: 2025-05-19 07:46 – Updated: 2025-05-19 15:00
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47755",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:55:09.157789Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:00:48.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:46:09.956Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47755",
        "datePublished": "2025-05-19T07:46:09.956Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:00:48.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47754 (GCVE-0-2025-47754)

    Vulnerability from nvd – Published: 2025-05-19 07:45 – Updated: 2025-05-19 15:12
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47754",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:07:38.414156Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:12:19.196Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:45:52.316Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47754",
        "datePublished": "2025-05-19T07:45:52.316Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:12:19.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47753 (GCVE-0-2025-47753)

    Vulnerability from nvd – Published: 2025-05-19 07:45 – Updated: 2025-05-19 15:18
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47753",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:17:59.544242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:18:55.399Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:45:27.403Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47753",
        "datePublished": "2025-05-19T07:45:27.403Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:18:55.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47752 (GCVE-0-2025-47752)

    Vulnerability from nvd – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:20
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47752",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:19:54.692103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:20:36.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:58.141Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47752",
        "datePublished": "2025-05-19T07:44:58.141Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:20:36.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47751 (GCVE-0-2025-47751)

    Vulnerability from nvd – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:26
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47751",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:26:06.165927Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:26:53.592Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:36.296Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47751",
        "datePublished": "2025-05-19T07:44:36.296Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:26:53.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47750 (GCVE-0-2025-47750)

    Vulnerability from nvd – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:27
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:27:07.385318Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:27:26.832Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:11.819Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47750",
        "datePublished": "2025-05-19T07:44:11.819Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:27:26.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47749 (GCVE-0-2025-47749)

    Vulnerability from nvd – Published: 2025-05-19 07:43 – Updated: 2025-05-19 15:27
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-761 - Free of pointer not at start of buffer
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47749",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:27:37.391930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:27:49.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-761",
                  "description": "Free of pointer not at start of buffer",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:43:43.944Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47749",
        "datePublished": "2025-05-19T07:43:43.944Z",
        "dateReserved": "2025-05-09T08:06:34.548Z",
        "dateUpdated": "2025-05-19T15:27:49.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32542 (GCVE-0-2023-32542)

    Vulnerability from nvd – Published: 2023-06-19 00:00 – Updated: 2024-12-12 19:10
    VLAI
    Summary
    Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds read
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:18:37.864Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/vu/JVNVU98818508/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32542",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-12T19:09:15.499291Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-12T19:10:10.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TELLUS and TELLUS Lite",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v4.0.15.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-19T00:00:00.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU98818508/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2023-32542",
        "datePublished": "2023-06-19T00:00:00.000Z",
        "dateReserved": "2023-05-11T00:00:00.000Z",
        "dateUpdated": "2024-12-12T19:10:10.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47760 (GCVE-0-2025-47760)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:48 – Updated: 2025-05-19 15:48
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:48:34.277894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:48:52.253Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:48:00.492Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47760",
        "datePublished": "2025-05-19T07:48:00.492Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T15:48:52.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47759 (GCVE-0-2025-47759)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:47 – Updated: 2025-05-19 16:00
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. S-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47759",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:59:14.918809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:00:36.040Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "S-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:43.969Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47759",
        "datePublished": "2025-05-19T07:47:43.969Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T16:00:36.040Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47758 (GCVE-0-2025-47758)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:47 – Updated: 2025-05-19 16:01
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47758",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T16:00:49.702193Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:01:07.022Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based buffer overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:32.122Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47758",
        "datePublished": "2025-05-19T07:47:32.122Z",
        "dateReserved": "2025-05-09T08:06:34.550Z",
        "dateUpdated": "2025-05-19T16:01:07.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47757 (GCVE-0-2025-47757)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:47 – Updated: 2025-05-19 14:44
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47757",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:43:42.280083Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T14:44:26.818Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:47:16.674Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47757",
        "datePublished": "2025-05-19T07:47:16.674Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T14:44:26.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47756 (GCVE-0-2025-47756)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:46 – Updated: 2025-05-19 14:47
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47756",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:47:18.531464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T14:47:36.093Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:46:38.474Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47756",
        "datePublished": "2025-05-19T07:46:38.474Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T14:47:36.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47755 (GCVE-0-2025-47755)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:46 – Updated: 2025-05-19 15:00
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47755",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T14:55:09.157789Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:00:48.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:46:09.956Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47755",
        "datePublished": "2025-05-19T07:46:09.956Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:00:48.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47754 (GCVE-0-2025-47754)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:45 – Updated: 2025-05-19 15:12
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47754",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:07:38.414156Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:12:19.196Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:45:52.316Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47754",
        "datePublished": "2025-05-19T07:45:52.316Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:12:19.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47753 (GCVE-0-2025-47753)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:45 – Updated: 2025-05-19 15:18
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47753",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:17:59.544242Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:18:55.399Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:45:27.403Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47753",
        "datePublished": "2025-05-19T07:45:27.403Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:18:55.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47752 (GCVE-0-2025-47752)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:20
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47752",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:19:54.692103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:20:36.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:58.141Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47752",
        "datePublished": "2025-05-19T07:44:58.141Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:20:36.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47751 (GCVE-0-2025-47751)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:26
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47751",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:26:06.165927Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:26:53.592Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:36.296Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47751",
        "datePublished": "2025-05-19T07:44:36.296Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:26:53.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47750 (GCVE-0-2025-47750)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:44 – Updated: 2025-05-19 15:27
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:27:07.385318Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:27:26.832Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:44:11.819Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47750",
        "datePublished": "2025-05-19T07:44:11.819Z",
        "dateReserved": "2025-05-09T08:06:34.549Z",
        "dateUpdated": "2025-05-19T15:27:26.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47749 (GCVE-0-2025-47749)

    Vulnerability from cvelistv5 – Published: 2025-05-19 07:43 – Updated: 2025-05-19 15:27
    VLAI
    Summary
    V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-761 - Free of pointer not at start of buffer
    Assigner
    Impacted products
    Vendor Product Version
    FUJI ELECTRIC CO., LTD. V-SFT Affected: v6.2.5.0 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47749",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T15:27:37.391930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T15:27:49.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "V-SFT",
              "vendor": "FUJI ELECTRIC CO., LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "v6.2.5.0 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-761",
                  "description": "Free of pointer not at start of buffer",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-19T07:43:43.944Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
            },
            {
              "url": "https://jvn.jp/en/vu/JVNVU97228144/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-47749",
        "datePublished": "2025-05-19T07:43:43.944Z",
        "dateReserved": "2025-05-09T08:06:34.548Z",
        "dateUpdated": "2025-05-19T15:27:49.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }