CVE-2025-50130 | THREATINT

Description

A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.

PUBLISHED Reserved 2025-06-13 | Published 2025-07-08 | Updated 2025-07-08 | Assigner jpcert

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Heap-based buffer overflow

Product status

v6.2.5.0 and earlier

affected

v4.0.20.0 and earlier

affected

References

jvn.jp/en/vu/JVNVU94011267/

monitouch.fujielectric.com/...nload-e/09vsft6_inf/Search.php

monitouch.fujielectric.com/...load-e/03tellus_inf/Search.php

cve.org (CVE-2025-50130)

nvd.nist.gov (CVE-2025-50130)

Download JSON