
CVE-2025-61861: Out-of-bounds Read in FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. V-SFT

Severity: High
Type: Vulnerability
Tags: CVE-2025-61861, cve, cve-2025-61861
Published: Fri Oct 10 2025 (10/10/2025, 10:54:50 UTC)
Source: CVE Database V5
Vendor/Project: FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.
Product: V-SFT

Description

An out-of-bounds read vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.

AI-Powered Analysis

Last updated: 10/10/2025, 11:14:01 UTC

Technical Analysis

CVE-2025-61861 is an out-of-bounds read vulnerability identified in the VS6ComFile!load_link_inf function of the V-SFT software developed by FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd. This vulnerability affects versions 6.2.7.0 and earlier. The flaw arises when the software processes specially crafted V-SFT files, leading to an out-of-bounds read condition. This memory access violation can cause multiple adverse effects: disclosure of sensitive information from memory, abnormal termination of the application (ABEND), and potentially arbitrary code execution. The vulnerability requires local access with user interaction to open the malicious file, which means an attacker must trick a user into opening a crafted file within the vulnerable software environment. The CVSS v3.1 base score is 7.8, indicating high severity, with attack vector local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). No public exploits have been reported yet, but the potential for exploitation exists given the impact. The vulnerability is particularly concerning for industrial and manufacturing environments where V-SFT is used for automation and control tasks, as arbitrary code execution could lead to operational disruptions or sabotage.

Potential Impact

For European organizations, especially those in manufacturing, industrial automation, and critical infrastructure sectors, this vulnerability poses significant risks. Exploitation could lead to leakage of sensitive operational data, disruption of industrial processes through application crashes, or full compromise of systems via arbitrary code execution. This could result in downtime, safety hazards, intellectual property theft, and damage to reputation. Since V-SFT is specialized software used in industrial settings, affected organizations may face operational interruptions and increased recovery costs. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate insider threats or phishing-based delivery of malicious files. The high confidentiality, integrity, and availability impacts mean that successful exploitation could have severe consequences for business continuity and safety compliance in European industrial environments.

Mitigation Recommendations

1. Monitor FUJI ELECTRIC and Hakko Electronics official channels for patches addressing CVE-2025-61861 and apply them promptly once released.
2. Until patches are available, restrict access to V-SFT software and its associated file types to trusted users only.
3. Implement strict file handling policies to prevent opening untrusted or unsolicited V-SFT files, including user training to recognize suspicious files.
4. Use application whitelisting and endpoint protection solutions to detect and block abnormal behavior related to V-SFT processes.
5. Employ network segmentation to isolate systems running V-SFT from general user environments to reduce the risk of malicious file delivery.
6. Conduct regular audits of file access and monitor logs for unusual activity involving V-SFT files.
7. Consider deploying sandbox environments to analyze suspicious V-SFT files before allowing them on production systems.
8. Enhance user awareness programs focusing on social engineering risks that could lead to opening malicious files.


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-10-02T01:59:58.731Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68e8e768bc5428e10f9f4403

Added to database: 10/10/2025, 11:00:56 AM

Last enriched: 10/10/2025, 11:14:01 AM

Last updated: 10/11/2025, 8:23:20 AM
