Severity
High
Analysis Summary
CVE-2025-47756 CVSS:7.8
V-SFT contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47760 CVSS:7.8
V-SFT contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47759 CVSS:7.8
V-SFT contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47751 CVSS:7.8
V-SFT contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47752 CVSS:7.8
V-SFT contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
CVE-2025-47755 CVSS:7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
Impact
- Code Execution
- Buffer Overflow
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2025-47756
- CVE-2025-47760
- CVE-2025-47752
- CVE-2025-47759
- CVE-2025-47751
- CVE-2025-47755
Affected Vendors
Affected Products
- FUJI ELECTRIC V-SFT 6.2.5.0
Remediation
Refer to Fuji Electric Security Advisory for patch, upgrade, or suggested workaround information.