CVE-2025-61859 is an out-of-bounds write vulnerability identified in the V-SFT software developed by FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd., specifically affecting versions 6.2.7.0 and earlier. The vulnerability resides in the VS6ComFile!CItemDraw::is_motion_tween function, which is involved in processing motion tween data within V-SFT files. When a specially crafted V-SFT file is opened, this vulnerability can be triggered, causing the software to write data outside the bounds of allocated memory buffers. This memory corruption can lead to multiple adverse effects, including information disclosure, abnormal system termination (ABEND), and potentially arbitrary code execution. The CVSS v3.1 base score is 7.8, indicating high severity, with an attack vector classified as local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but requiring user interaction (UI:R). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). No known exploits have been reported in the wild as of the publication date. The vulnerability is particularly concerning for environments where V-SFT is used for industrial automation or control systems, as exploitation could disrupt critical processes or lead to unauthorized access to sensitive operational data.

For European organizations, especially those in manufacturing, industrial automation, and critical infrastructure sectors that utilize V-SFT software, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of sensitive operational data, disruption of industrial processes due to abnormal system termination, and potential takeover of affected systems through arbitrary code execution. This could result in operational downtime, safety hazards, financial losses, and damage to reputation. Given the local attack vector and requirement for user interaction, the threat is more likely to materialize through insider threats or targeted attacks involving malicious file delivery. The impact is amplified in sectors where V-SFT is integral to control systems, such as automotive manufacturing, energy production, and chemical processing plants prevalent in countries like Germany, France, and Italy.

1. Apply vendor-provided patches or updates for V-SFT as soon as they become available to remediate the vulnerability. 2. Implement strict file handling policies to restrict the opening of V-SFT files from untrusted or unknown sources. 3. Educate users about the risks of opening unsolicited or suspicious V-SFT files to reduce the likelihood of triggering the vulnerability. 4. Employ application whitelisting and sandboxing techniques to isolate V-SFT processes and limit the impact of potential exploitation. 5. Monitor system logs and network traffic for unusual activity related to V-SFT file processing. 6. Conduct regular security assessments and penetration testing focused on industrial control systems to identify and mitigate similar vulnerabilities proactively. 7. Consider network segmentation to isolate systems running V-SFT from general IT networks, reducing exposure to local attacks.