ICSA-25-308-01
Vulnerability from csaf_cisa - Published: 2025-11-04 07:00 - Updated: 2025-12-16 07:00Summary
Fuji Electric Monitouch V-SFT-6 (Update A)
Notes
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Risk evaluation: Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Japan
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.
7.8 (High)
Mitigation
Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.
https://felib.fujielectric.co.jp/en/document_sear…
Mitigation
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Mitigation
Do not click web links or open attachments in unsolicited email messages.
Mitigation
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
https://www.cisa.gov/uscert/sites/default/files/p…
Mitigation
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
https://www.cisa.gov/uscert/ncas/tips/ST04-014
7.8 (High)
Mitigation
Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.
https://felib.fujielectric.co.jp/en/document_sear…
Mitigation
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Mitigation
Do not click web links or open attachments in unsolicited email messages.
Mitigation
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
https://www.cisa.gov/uscert/sites/default/files/p…
Mitigation
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
https://www.cisa.gov/uscert/ncas/tips/ST04-014
7.8 (High)
Mitigation
Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.
https://felib.fujielectric.co.jp/en/document_sear…
Mitigation
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Mitigation
Do not click web links or open attachments in unsolicited email messages.
Mitigation
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
https://www.cisa.gov/uscert/sites/default/files/p…
Mitigation
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
https://www.cisa.gov/uscert/ncas/tips/ST04-014
References
Acknowledgments
TecSecurity
Rocco Calvi
Trend Micro Zero Day Initiative
{
"document": {
"acknowledgments": [
{
"names": [
"Rocco Calvi"
],
"organization": "TecSecurity",
"summary": "reporting these vulnerabilities to Trend Micro Zero Day Initiative"
},
{
"organization": "Trend Micro Zero Day Initiative",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-308-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-308-01.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-25-308-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-308-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks"
}
],
"title": "Fuji Electric Monitouch V-SFT-6 (Update A)",
"tracking": {
"current_release_date": "2025-12-16T07:00:00.000000Z",
"generator": {
"date": "2025-12-16T15:51:44.270468Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-308-01",
"initial_release_date": "2025-11-04T07:00:00.000000Z",
"revision_history": [
{
"date": "2025-11-04T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-12-16T07:00:00.000000Z",
"legacy_version": "Update A",
"number": "2",
"summary": "Update A - Added CVE-2025-53524."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.2.7.0",
"product": {
"name": "Fuji Electric Fuji Electric Monitouch V-SFT-6: 6.2.7.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Fuji Electric Monitouch V-SFT-6"
}
],
"category": "vendor",
"name": "Fuji Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54496",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A maliciously crafted project file may cause a heap-based buffer overflow, which may allow the attacker to execute arbitrary code.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54496"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://felib.fujielectric.co.jp/en/document_search?tab=software\u0026document1%5B1%5D=M10009\u0026document2%5B1%5D=M20104\u0026product1%5B1%5D=P10003\u0026product2%5B1%5D=P20023\u0026product3%5B1%5D=P30623\u0026product4%5B1%5D=S11133\u0026discontinued%5B1%5D=0\u0026count=20\u0026sort=en_title\u0026page=1\u0026region=en-glb"
},
{
"category": "mitigation",
"details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click web links or open attachments in unsolicited email messages.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "mitigation",
"details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2025-54526",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54526"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://felib.fujielectric.co.jp/en/document_search?tab=software\u0026document1%5B1%5D=M10009\u0026document2%5B1%5D=M20104\u0026product1%5B1%5D=P10003\u0026product2%5B1%5D=P20023\u0026product3%5B1%5D=P30623\u0026product4%5B1%5D=S11133\u0026discontinued%5B1%5D=0\u0026count=20\u0026sort=en_title\u0026page=1\u0026region=en-glb"
},
{
"category": "mitigation",
"details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click web links or open attachments in unsolicited email messages.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "mitigation",
"details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2025-53524",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53524"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://felib.fujielectric.co.jp/en/document_search?tab=software\u0026document1%5B1%5D=M10009\u0026document2%5B1%5D=M20104\u0026product1%5B1%5D=P10003\u0026product2%5B1%5D=P20023\u0026product3%5B1%5D=P30623\u0026product4%5B1%5D=S11133\u0026discontinued%5B1%5D=0\u0026count=20\u0026sort=en_title\u0026page=1\u0026region=en-glb"
},
{
"category": "mitigation",
"details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click web links or open attachments in unsolicited email messages.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "mitigation",
"details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…