CVE-2025-47757: Out-of-bounds Read in FUJI ELECTRIC CO., LTD. V-SFT

High
Published: Mon May 19 2025 (05/19/2025, 07:47:16 UTC)
Source: CVE
Vendor/Project: FUJI ELECTRIC CO., LTD.
Product: V-SFT

Description

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

AI-Powered Analysis

Last updated: 07/11/2025, 19:33:08 UTC

Technical Analysis

CVE-2025-47757 is a high-severity vulnerability affecting FUJI ELECTRIC CO., LTD.'s V-SFT software, specifically versions 6.2.5.0 and earlier. The flaw resides in the VS6MemInIF.dll component, within the set_plc_type_default function. This vulnerability is triggered when the software opens specially crafted V7 or V8 files, which causes an out-of-bounds read condition. Such a memory handling error can lead to multiple adverse effects including application crashes, unintended information disclosure, and potentially arbitrary code execution. The vulnerability is classified with a CVSS 3.1 base score of 7.8, indicating a high impact on confidentiality, integrity, and availability. The attack vector is local (AV:L), meaning the attacker must have local access to the system, but no privileges are required (PR:N). User interaction is necessary (UI:R), implying that the user must open or process the malicious file. The vulnerability scope is unchanged (S:U), affecting only the vulnerable component. Exploitation could allow an attacker to execute arbitrary code with the privileges of the user running V-SFT, potentially leading to full system compromise or leakage of sensitive industrial control data. Although no known exploits are currently reported in the wild, the technical details suggest that the vulnerability could be weaponized, especially in environments where V-SFT is used to manage programmable logic controllers (PLCs) in industrial settings.

Potential Impact

For European organizations, particularly those in industrial automation, manufacturing, and critical infrastructure sectors that utilize FUJI ELECTRIC's V-SFT software for PLC programming and control, this vulnerability poses a significant risk. Exploitation could result in operational disruptions due to software crashes, unauthorized disclosure of sensitive industrial process data, and even full system compromise through arbitrary code execution. This could lead to production downtime, safety hazards, intellectual property theft, and potential cascading effects on supply chains. Given the local attack vector and requirement for user interaction, insider threats or compromised endpoints could be leveraged to exploit this vulnerability. The impact is especially critical in sectors where industrial control systems are integrated with enterprise networks, increasing the risk of lateral movement and broader network compromise.

Mitigation Recommendations

European organizations should implement a multi-layered mitigation approach:

1) Immediately identify and inventory all instances of V-SFT software, focusing on versions 6.2.5.0 and earlier.
2) Apply vendor patches or updates as soon as they become available; if no patches are currently released, coordinate with FUJI ELECTRIC for timelines and interim mitigations.
3) Restrict local access to systems running V-SFT to trusted personnel only, enforcing strict access controls and monitoring.
4) Implement application whitelisting and endpoint protection solutions to detect and block execution of unauthorized or suspicious files, including malformed V7 or V8 files.
5) Conduct user awareness training to prevent inadvertent opening of malicious files and enforce policies on handling files from untrusted sources.
6) Employ network segmentation to isolate industrial control systems from general enterprise networks, reducing the risk of lateral movement.
7) Monitor logs and system behavior for signs of exploitation attempts, such as unexpected crashes or anomalous process activity related to V-SFT.
8) Consider deploying file integrity monitoring on V-SFT related files and DLLs to detect unauthorized changes.
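Item 7 above calls for watching for unexpected V-SFT crashes. The following added example (not from the advisory or the vendor) scans Windows Application Error (Event ID 1000) message text for faults in VS6MemInIF.dll; the hosts, timestamps and application name in the sample records are constructed placeholders.

```python
import re
from collections import defaultdict

TARGET_MODULE = "vs6meminif.dll"  # DLL named in the advisory, compared in lowercase
ACCESS_VIOLATION = 0xC0000005     # Windows STATUS_ACCESS_VIOLATION

# Fields of the Windows "Application Error" (Event ID 1000) message text.
FIELD_RE = re.compile(
    r"Faulting application name:\s*(?P<app>[^,\r\n]+).*?"
    r"Faulting module name:\s*(?P<module>[^,\r\n]+).*?"
    r"Exception code:\s*(?P<code>0x[0-9a-fA-F]+)",
    re.DOTALL)

def find_vsft_crashes(events):
    """events: iterable of (host, timestamp, message). Returns {host: [hit, ...]}."""
    hits = defaultdict(list)
    for host, ts, message in events:
        m = FIELD_RE.search(message)
        if not m:
            continue  # not an Application Error record, or truncated text
        if m["module"].strip().lower() != TARGET_MODULE:
            continue  # crash in some other module
        hits[host].append({
            "time": ts,
            "app": m["app"].strip(),
            # An out-of-bounds read that hits unmapped memory surfaces as this code.
            "access_violation": int(m["code"], 16) == ACCESS_VIOLATION,
        })
    return dict(hits)

def _msg(module, code):
    # Builds a constructed Event ID 1000 message; all values are placeholders.
    return ("Faulting application name: APP_PLACEHOLDER.exe, version: 0.0.0.0, "
            "time stamp: 0x00000000\n"
            f"Faulting module name: {module}, version: 0.0.0.0, time stamp: 0x00000000\n"
            f"Exception code: {code}\nFault offset: 0x00000000")

SAMPLE_EVENTS = [  # constructed sample input
    ("eng-ws-01", "2025-06-02T09:14:03Z", _msg("VS6MemInIF.dll", "0xc0000005")),
    ("eng-ws-02", "2025-06-02T10:01:44Z", _msg("ntdll.dll", "0xc0000005")),
    ("eng-ws-01", "2025-06-03T08:30:10Z", _msg("VS6MEMINIF.DLL", "0xc0000409")),
    ("eng-ws-03", "2025-06-03T11:22:00Z", "The service entered the running state."),
]

if __name__ == "__main__":
    for host, crashes in find_vsft_crashes(SAMPLE_EVENTS).items():
        print(host, crashes)
```

A hit is a triage lead rather than proof of exploitation; correlate it with the V7 or V8 file the user opened just before the crash.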

Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-05-09T08:06:34.549Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb71e

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 7:33:08 PM

Last updated: 8/14/2025, 9:32:09 AM
