CVE-2025-47752: Out-of-bounds Write in FUJI ELECTRIC CO., LTD. V-SFT

Severity: High
Published: Mon May 19 2025 (05/19/2025, 07:44:58 UTC)
Source: CVE
Vendor/Project: FUJI ELECTRIC CO., LTD.
Product: V-SFT

Description

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

AI-Powered Analysis

Last updated: 07/11/2025, 18:02:43 UTC

Technical Analysis

CVE-2025-47752 is a high-severity vulnerability affecting FUJI ELECTRIC CO., LTD.'s V-SFT software, specifically versions 6.2.5.0 and earlier. The vulnerability arises from an out-of-bounds write in the function VS6ComFile!MakeItemGlidZahyou. This function processes V7 or V8 file formats, and when a specially crafted file of these types is opened, it can trigger the vulnerability. The out-of-bounds write can lead to multiple adverse outcomes including application crashes, information disclosure, and potentially arbitrary code execution.

The CVSS 3.1 base score is 7.8, indicating a high impact. The attack vector is local (AV:L), meaning an attacker needs local access to the system, but no privileges are required (PR:N). User interaction is required (UI:R), so the victim must open the malicious file. The scope is unchanged (S:U), but the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H).

This vulnerability is critical for environments where V-SFT is used to process or analyze V7 or V8 files, as exploitation could allow attackers to execute arbitrary code with the privileges of the user running the software. No known exploits are reported in the wild yet, but the vulnerability's nature suggests that once weaponized, it could be leveraged for significant compromise.

Potential Impact

For European organizations using FUJI ELECTRIC's V-SFT software, particularly in industrial automation, manufacturing, or energy sectors where such software is commonly deployed, this vulnerability poses a significant risk. Exploitation could lead to operational disruptions due to crashes, leakage of sensitive information processed by V-SFT, and full compromise of affected systems through arbitrary code execution. Given the criticality of industrial control systems in Europe's manufacturing and energy infrastructure, successful exploitation could impact production lines, safety systems, and data integrity. The local attack vector and requirement for user interaction reduce the risk somewhat, but insider threats or targeted spear-phishing campaigns delivering malicious V7/V8 files could enable exploitation. The high impact on confidentiality, integrity, and availability makes this vulnerability particularly concerning for organizations with strict regulatory compliance requirements such as GDPR and the NIS Directive, where data breaches or operational downtime can lead to severe penalties and reputational damage.

Mitigation Recommendations

European organizations should immediately identify all instances of V-SFT software version 6.2.5.0 and earlier within their environments. Since no patch links are currently available, organizations should implement the following mitigations:

1) Restrict access to V-SFT software to trusted users only and limit the ability to open V7 or V8 files from untrusted sources.
2) Implement strict file validation and scanning for V7/V8 files before they are opened in V-SFT, using endpoint protection solutions capable of detecting malformed or malicious files.
3) Employ application whitelisting and sandboxing techniques to contain the impact of potential exploitation.
4) Educate users about the risks of opening unsolicited or unexpected V7/V8 files, emphasizing the need for caution and verification.
5) Monitor system logs and behavior for signs of crashes or anomalous activity related to V-SFT processes.
6) Once a vendor patch is released, prioritize immediate deployment after testing.
7) Consider network segmentation to isolate systems running V-SFT from critical infrastructure to limit lateral movement in case of compromise.
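Mitigation 5 can be made concrete by triaging Windows Application Error (event ID 1000) messages for crashes inside the module named in the description. The Python below is an added example, not vendor or advisory code; the `VS6ComFile.dll` file name, the placeholder executable name, the assumption that the executable's file version tracks the product version, and all sample events are constructed.

```python
import re

# Module named in the advisory (VS6ComFile!MakeItemGlidZahyou); matching on
# the "VS6ComFile" prefix of the faulting module file name is an assumption.
MODULE_PREFIX = "vs6comfile"
LAST_AFFECTED = (6, 2, 5, 0)   # advisory: v6.2.5.0 and earlier
ACCESS_VIOLATION = 0xC0000005  # Windows STATUS_ACCESS_VIOLATION

APP_RE = re.compile(r"Faulting application name:\s*([^,]+), version:\s*([\d.]+)")
MOD_RE = re.compile(r"Faulting module name:\s*([^,]+), version:")
EXC_RE = re.compile(r"Exception code:\s*(0x[0-9a-fA-F]+)")

def parse_event(message):
    """Pull app, version, module and exception code out of one event 1000 message."""
    app, mod, exc = (r.search(message) for r in (APP_RE, MOD_RE, EXC_RE))
    if not (app and mod and exc):
        return None  # different event type, or a truncated message
    return {"app": app[1].strip(),
            "version": tuple(int(p) for p in app[2].strip(".").split(".")),
            "module": mod[1].strip(),
            "code": int(exc[1], 16)}

def triage(messages):
    """Return crashes whose faulting module is VS6ComFile, most suspicious first."""
    hits = []
    for msg in messages:
        ev = parse_event(msg)
        if ev is None or not ev["module"].lower().startswith(MODULE_PREFIX):
            continue
        ev["access_violation"] = ev["code"] == ACCESS_VIOLATION
        # Assumption: the executable's file version tracks the product version.
        ev["affected_version"] = ev["version"] <= LAST_AFFECTED
        hits.append(ev)
    return sorted(hits, key=lambda e: (e["access_violation"], e["affected_version"]),
                  reverse=True)

# Constructed sample messages in the Application Error (event ID 1000) layout.
# "vsft-placeholder.exe" is a placeholder, not the real executable name.
def _event(app, ver, mod, code):
    return (f"Faulting application name: {app}, version: {ver}, time stamp: 0x0\n"
            f"Faulting module name: {mod}, version: {ver}, time stamp: 0x0\n"
            f"Exception code: {code}\nFault offset: 0x0")

SAMPLE = [
    _event("vsft-placeholder.exe", "6.2.3.0", "VS6ComFile.dll", "0xc0000409"),
    _event("notepad.exe", "10.0.0.0", "ntdll.dll", "0xc0000005"),
    _event("vsft-placeholder.exe", "6.2.5.0", "VS6ComFile.dll", "0xc0000005"),
]
```

Calling `triage(SAMPLE)` returns the two VS6ComFile crashes with the access violation first; a crash of this kind on a host that recently received a V7 or V8 file is the case to escalate.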

Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-05-09T08:06:34.549Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb5ea

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 6:02:43 PM

Last updated: 7/31/2025, 8:14:01 PM
