Analysis Summary

CVE-2025-47756 CVSS:7.8

V-SFT contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47760 CVSS:7.8

V-SFT contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47759 CVSS:7.8

V-SFT contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47751 CVSS:7.8

V-SFT contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47752 CVSS:7.8

V-SFT contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47755 CVSS:7.8

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Impact

• Code Execution
• Buffer Overflow
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2025-47756
• CVE-2025-47760
• CVE-2025-47752
• CVE-2025-47759
• CVE-2025-47751
• CVE-2025-47755

Affected Vendors

Remediation

Refer to Fuji Electric Security Advisory for patch, upgrade, or suggested workaround information.

Fuji Electric Security Advisory