
CVE-2025-47749: Free of pointer not at start of buffer in FUJI ELECTRIC CO., LTD. V-SFT

Severity: High
Type: Vulnerability
Published: Mon May 19 2025 (05/19/2025, 07:43:43 UTC)
Source: CVE
Vendor/Project: FUJI ELECTRIC CO., LTD.
Product: V-SFT

Description

V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

AI-Powered Analysis

Last updated: 07/11/2025, 17:49:26 UTC

Technical Analysis

CVE-2025-47749 is a high-severity vulnerability affecting FUJI ELECTRIC CO., LTD.'s V-SFT software, versions 6.2.5.0 and earlier. It stems from improper memory management in the VS6EditData.dll component, within the CWinFontInf::WinFontMsgCheck function. The root cause is the freeing of a pointer that does not point to the start of the allocated buffer, which can lead to heap corruption. The flaw can be triggered by opening specially crafted V7 or V8 files, causing the application to crash, potentially disclose sensitive information, or allow an attacker to execute arbitrary code.

The CVSS 3.1 base score of 7.8 reflects the vulnerability's high impact: the attack vector is local (AV:L), attack complexity is low (AC:L), no privileges are required (PR:N), and user interaction is required (UI:R). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H).

Although no known exploits are currently reported in the wild, the nature of the vulnerability suggests that exploitation could lead to full compromise of the affected system. The vulnerability is particularly critical because it allows code execution through a crafted file, which could be delivered via social engineering or insider threats. The lack of available patches at the time of publication increases the urgency for mitigation.
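
The bug class named in the root cause above (CWE-761, free of pointer not at start of buffer), shown as an added example that is not code from V-SFT or VS6EditData.dll. The record format, the sample bytes and the function names are constructed for illustration; the flawed variant is compiled only when SHOW_FLAWED_PATTERN is defined.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Illustration of CWE-761; not code from V-SFT or VS6EditData.dll.
 * Constructed record format: [tag:1][len:1][payload:len], repeated. */
static const uint8_t SAMPLE_OK[]    = {0x01, 0x02, 'a', 'b', 0x02, 0x00};
static const uint8_t SAMPLE_TRUNC[] = {0x01, 0x05, 'a'};  /* len overruns the data */

#ifdef SHOW_FLAWED_PATTERN  /* compiled only on request, for side-by-side reading */
int count_records_flawed(const uint8_t *file, size_t n) {
    uint8_t *p = malloc(n ? n : 1);
    int count = 0;
    if (!p) return -1;
    if (n) memcpy(p, file, n);
    while (n >= 2 && (size_t)p[1] + 2 <= n) {
        n -= (size_t)p[1] + 2;
        p += (size_t)p[1] + 2;   /* the only reference to the block moves forward */
        count++;
    }
    free(p);                     /* BUG: p is base + bytes consumed, not malloc's pointer */
    return count;
}
#endif

/* Hardened: the owning pointer is never modified; a separate cursor walks
 * the data and every step is bounds-checked against the bytes remaining. */
int count_records(const uint8_t *file, size_t n) {
    uint8_t *const base = malloc(n ? n : 1);
    const uint8_t *cur = base;
    size_t left = n;
    int count = 0;
    if (!base) return -1;
    if (n) memcpy(base, file, n);
    while (left >= 2) {
        size_t step = (size_t)cur[1] + 2;
        if (step > left) break;  /* record claims more than the data holds */
        cur += step;
        left -= step;
        count++;
    }
    if (left != 0) count = -1;   /* truncated record or trailing byte */
    free(base);                  /* exactly the pointer malloc() returned */
    return count;
}

int main(void) {
    return count_records(SAMPLE_OK, sizeof SAMPLE_OK) == 2 ? 0 : 1;
}
```

In the flawed variant the allocator is handed an address inside the file-derived data, so the bytes it interprets as chunk metadata come from the file being parsed, which is why this bug class results in heap corruption.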

Potential Impact

For European organizations, the impact of this vulnerability can be significant, especially in industrial and manufacturing sectors where FUJI ELECTRIC's V-SFT software is used for automation and control systems. Exploitation could lead to operational disruptions due to application crashes or system compromise, resulting in downtime, loss of productivity, and potential safety hazards. Confidentiality breaches could expose sensitive operational data or intellectual property, while integrity violations could manipulate control parameters, causing physical damage or unsafe conditions. Availability impacts could disrupt critical infrastructure processes. Given the local attack vector and requirement for user interaction, the threat is more relevant to environments where users handle V7 or V8 files from untrusted sources. However, insider threats or targeted phishing campaigns could facilitate exploitation. The high severity and potential for arbitrary code execution make this vulnerability a serious concern for European organizations relying on V-SFT in critical environments.

Mitigation Recommendations

Organizations should immediately identify and inventory all instances of V-SFT software, focusing on versions 6.2.5.0 and earlier. Until an official patch is released by FUJI ELECTRIC, the following specific mitigations are recommended:

1) Restrict access to V7 and V8 files from untrusted or external sources, implementing strict file validation and scanning procedures before opening.
2) Employ application whitelisting and sandboxing techniques to limit the impact of potential exploitation when opening files.
3) Educate users on the risks of opening unsolicited or suspicious V7/V8 files, emphasizing the need for caution and verification.
4) Monitor system logs and application behavior for anomalies indicative of exploitation attempts, such as unexpected crashes or unusual memory activity.
5) Implement network segmentation to isolate systems running V-SFT, reducing lateral movement opportunities.
6) Prepare incident response plans specific to this vulnerability, including steps for containment and recovery.

Once FUJI ELECTRIC releases a patch, prioritize immediate deployment after thorough testing.


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-05-09T08:06:34.548Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb5e0

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 5:49:26 PM

Last updated: 8/14/2025, 3:33:48 AM
