CVE-2025-50130: Heap-based buffer overflow in FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. V-SFT-6
A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.
AI Analysis
Technical Summary
CVE-2025-50130 is a heap-based buffer overflow vulnerability identified in the VS6Sim.exe component of the V-SFT and TELLUS software products developed by FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd. This vulnerability affects versions v6.2.5.0 and earlier of the V-SFT-6 product. The issue arises when the software processes specially crafted V9 or X1 files, which can trigger a heap overflow condition. Exploitation of this vulnerability allows an attacker to execute arbitrary code on the affected system, potentially leading to full compromise of the host. The vulnerability requires local access (attack vector: local) and user interaction (opening the malicious file), but does not require privileges or authentication. The CVSS v3.1 score is 7.8 (high severity), reflecting the high impact on confidentiality, integrity, and availability, as successful exploitation can lead to complete system takeover. The vulnerability is particularly critical because it involves arbitrary code execution via file parsing, a common attack vector in industrial control system (ICS) environments where V-SFT-6 is used for simulation and control tasks. No known exploits are currently reported in the wild, but the potential for weaponization exists given the nature of the flaw and the criticality of the affected systems in industrial settings. No patches or mitigation links are currently provided, indicating that affected organizations must prioritize risk assessment and interim protective measures.
Potential Impact
For European organizations, especially those operating in industrial automation, manufacturing, and critical infrastructure sectors, this vulnerability poses a significant risk. V-SFT-6 is used in simulation and control environments, likely within industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Successful exploitation could lead to unauthorized control or disruption of industrial processes, causing operational downtime, safety hazards, and potential physical damage. Confidentiality breaches could expose sensitive operational data, while integrity and availability impacts could disrupt production lines or critical services. Given the high integration of industrial systems in European manufacturing hubs and critical infrastructure, the vulnerability could have cascading effects on supply chains and essential services. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, as insiders or compromised endpoints could be leveraged by attackers. The lack of known exploits in the wild provides a window for proactive defense, but the high severity score demands urgent attention.
Mitigation Recommendations
1. Perform an immediate risk assessment to identify all instances of V-SFT-6 v6.2.5.0 and earlier within the organization’s environment, focusing on industrial control and simulation systems.
2. Restrict access to systems running V-SFT-6 to trusted personnel only, implementing strict access controls and monitoring for suspicious activity.
3. Implement application whitelisting and endpoint protection solutions capable of detecting anomalous behavior related to VS6Sim.exe.
4. Educate users about the risks of opening untrusted or unexpected V9 and X1 files, enforcing strict file handling policies.
5. Isolate critical ICS/SCADA systems from general IT networks to reduce the risk of local exploitation via compromised endpoints.
6. Monitor vendor communications for patches or updates addressing this vulnerability and plan for rapid deployment once available.
7. Employ network segmentation and intrusion detection systems tailored for ICS environments to detect potential exploitation attempts.
8. Conduct regular security audits and penetration testing focused on ICS components to identify and remediate related weaknesses.
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Belgium, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: jpcert
- Date Reserved: 2025-06-13T02:38:24.373Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 686d1c126f40f0eb72f54a91
Added to database: 7/8/2025, 1:24:34 PM
Last enriched: 7/8/2025, 1:39:34 PM
Last updated: 8/20/2025, 6:28:12 PM