
CVE-2025-47754: Out-of-bounds Read in FUJI ELECTRIC CO., LTD. V-SFT

High
Published: Mon May 19 2025 (05/19/2025, 07:45:52 UTC)
Source: CVE
Vendor/Project: FUJI ELECTRIC CO., LTD.
Product: V-SFT

Description

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

AI-Powered Analysis

AI analysis last updated: 07/11/2025, 19:17:10 UTC

Technical Analysis

CVE-2025-47754 is a high-severity vulnerability affecting FUJI ELECTRIC CO., LTD.'s V-SFT software, specifically versions 6.2.5.0 and earlier. The vulnerability arises from an out-of-bounds read issue within the VS6EditData!Conv_Macro_Data function. This function processes V7 or V8 file formats, and when a specially crafted file of these types is opened, it can trigger the vulnerability. The out-of-bounds read can lead to multiple adverse effects: application crashes (denial of service), information disclosure (potential leakage of sensitive memory contents), and even arbitrary code execution. The CVSS 3.1 base score of 7.8 reflects a high severity, with the vector indicating that the attack requires local access (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but does require user interaction (UI:R). The scope remains unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). This means that an attacker with local access who can trick a user into opening a malicious file can fully compromise the system running V-SFT. The vulnerability is particularly critical because arbitrary code execution can lead to complete system takeover, data theft, or disruption of industrial processes controlled by V-SFT. No known exploits are currently reported in the wild, and no patches have been linked yet, indicating that organizations should prioritize monitoring and mitigation efforts. V-SFT is industrial software used primarily for automation and control systems, which often operate in critical infrastructure environments, increasing the risk profile of this vulnerability.

Potential Impact

For European organizations, especially those in industrial sectors such as manufacturing, energy, utilities, and critical infrastructure, this vulnerability poses a significant risk. V-SFT is used for programming and managing programmable logic controllers (PLCs) and other automation devices. Exploitation could lead to unauthorized control or disruption of industrial processes, potentially causing physical damage, safety hazards, and operational downtime. Information disclosure could expose sensitive operational data or intellectual property. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, as insiders or attackers with initial footholds could leverage this vulnerability to escalate privileges or move laterally within networks. Given the critical nature of industrial control systems in Europe and the increasing targeting of such environments by threat actors, the impact could extend beyond individual organizations to affect supply chains and national infrastructure resilience.

Mitigation Recommendations

Organizations should immediately identify and inventory all instances of V-SFT software, focusing on versions 6.2.5.0 and earlier. Until a patch is available, strict access controls should be enforced to limit local access to trusted personnel only. Implement application whitelisting to prevent execution of unauthorized files and restrict the ability to open V7 or V8 files from untrusted sources. User training should emphasize the risks of opening files from unknown or unverified origins. Network segmentation should isolate systems running V-SFT from general IT networks to reduce the risk of lateral movement. Monitoring and logging should be enhanced to detect unusual file access or crashes related to V-SFT. If possible, deploy host-based intrusion detection systems (HIDS) with rules tailored to detect exploitation attempts of this vulnerability. Organizations should maintain close communication with FUJI ELECTRIC for timely patch releases and apply updates promptly once available. Additionally, consider implementing multi-factor authentication and strict privilege management to reduce the risk of unauthorized local access.


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-05-09T08:06:34.549Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb6e2

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 7:17:10 PM

Last updated: 7/30/2025, 4:07:42 PM
