CVE-2025-47759: Stack-based buffer overflow in FUJI ELECTRIC CO., LTD. S-SFT

High
Published: Mon May 19 2025 (05/19/2025, 07:47:43 UTC)
Source: CVE
Vendor/Project: FUJI ELECTRIC CO., LTD.
Product: S-SFT

Description

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

AI-Powered Analysis

Last updated: 07/11/2025, 17:34:12 UTC

Technical Analysis

CVE-2025-47759 is a high-severity stack-based buffer overflow in FUJI ELECTRIC CO., LTD.'s S-SFT product, affecting versions v6.2.5.0 and earlier. The flaw is in the VS6ComFile component, in the function CV7BaseMap::WriteV7DataToRom, which processes V7 and V8 files. Opening a specially crafted file triggers the overflow, which can crash the application, disclose sensitive information, or allow an attacker to execute arbitrary code on the affected system. The attack vector is local and attack complexity is low; no privileges are required, but a user must open the malicious file. The CVSS 3.1 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability. Exploitation could lead to full system compromise, data leakage, or denial of service. No known exploits are currently reported in the wild, but the nature and impact of the vulnerability make it a significant risk, especially in industrial or critical infrastructure environments where FUJI ELECTRIC's S-SFT software is deployed for automation or control systems.

Potential Impact

This vulnerability poses a substantial risk to European organizations, particularly those in industrial sectors such as manufacturing, energy, and utilities where FUJI ELECTRIC's S-SFT software is used for supervisory control and data acquisition (SCADA) or programmable logic controller (PLC) programming. Successful exploitation could lead to unauthorized control over critical industrial processes, resulting in operational disruption, safety hazards, and potential data breaches. The ability to execute arbitrary code elevates the threat to include persistent system compromise and lateral movement within networks. Given the reliance on automation in European manufacturing hubs and critical infrastructure, the impact could extend to economic disruption and safety incidents. Confidentiality breaches could expose sensitive operational data or intellectual property. The requirement for user interaction limits remote exploitation but does not eliminate the risk, especially in environments where users handle files from external or untrusted sources.

Mitigation Recommendations

Organizations should immediately identify and inventory all instances of FUJI ELECTRIC S-SFT software, focusing on versions v6.2.5.0 and earlier. Although no official patch links are provided, contacting FUJI ELECTRIC for security updates or patches is critical. In the interim, implement strict file handling policies to prevent opening untrusted or unsolicited V7 and V8 files. Employ application whitelisting and sandboxing techniques to isolate the S-SFT application and limit the impact of potential exploitation. Enhance endpoint detection and response (EDR) capabilities to monitor for anomalous behavior related to the VS6ComFile component. Conduct user awareness training emphasizing the risks of opening files from unknown sources. Network segmentation should be enforced to limit access to systems running S-SFT, reducing the attack surface. Additionally, consider deploying runtime application self-protection (RASP) or memory protection mechanisms to detect and prevent buffer overflow exploitation attempts. Regularly review logs for crashes or unusual activity linked to the vulnerable function.
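
One way to carry out the crash-log review recommended above, as an added example that is not part of the original advisory or any vendor tooling: it scans the message text of Windows Application Error events (Event ID 1000) for crashes whose faulting module is VS6ComFile. The optional `.dll` suffix, the application names and the sample events are assumptions constructed for illustration.

```python
import re

# Module named in the advisory; the ".dll" suffix is an assumption, so optional.
MODULE_RE = re.compile(r"^VS6ComFile(\.dll)?$", re.IGNORECASE)

# NTSTATUS codes worth flagging when a stack overflow is suspected.
EXCEPTION_NOTES = {
    0xC0000409: "STATUS_STACK_BUFFER_OVERRUN",
    0xC0000005: "STATUS_ACCESS_VIOLATION",
}

# Fields of the standard Event ID 1000 ("Application Error") message text.
FIELD_RE = re.compile(
    r"Faulting (application|module) name:\s*([^,\r\n]+)"
    r"|Exception code:\s*0x([0-9a-fA-F]+)"
)

def parse_event(message):
    """Extract application, module and exception code from one message."""
    out = {"application": None, "module": None, "code": None}
    for kind, name, code in FIELD_RE.findall(message):
        if kind:
            out[kind] = name.strip()
        else:
            out["code"] = int(code, 16)
    return out

def triage(messages):
    """Return (application, code, note) for crashes faulting in VS6ComFile."""
    findings = []
    for msg in messages:
        ev = parse_event(msg)
        if ev["module"] and MODULE_RE.match(ev["module"]):
            note = EXCEPTION_NOTES.get(ev["code"], "other or missing code")
            findings.append((ev["application"], ev["code"], note))
    return findings

# Constructed sample messages (not real logs); names and versions are placeholders.
SAMPLE_EVENTS = [
    "Faulting application name: editor-placeholder.exe, version: 0.0.0.0\n"
    "Faulting module name: VS6ComFile.dll, version: 0.0.0.0\n"
    "Exception code: 0xc0000409\nFault offset: 0x00000000",
    "Faulting application name: other-placeholder.exe, version: 0.0.0.0\n"
    "Faulting module name: ntdll.dll, version: 0.0.0.0\n"
    "Exception code: 0xc0000005\nFault offset: 0x00000000",
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

A corrupted stack can also make the process fault in a different module, so treat an empty result as inconclusive and correlate it with other endpoint telemetry.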

Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-05-09T08:06:34.550Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb58f

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 5:34:12 PM

Last updated: 7/30/2025, 4:07:42 PM
