Home

Description

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.

PUBLISHED Reserved 2025-07-30 | Published 2025-11-04 | Updated 2025-11-04 | Assigner icscert




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-121

Product status

Default status
unaffected

6.2.7.0
affected

6.2.8.0
unaffected

6.2.9.0 or newer.
unaffected

Credits

Rocco Calvi with TecSecurity working with Trend Micro Zero Day Initiative reported these vulnerabilities to CISA. finder

References

felib.fujielectric.co.jp/...rt=en_title&page=1®ion=en-glb

www.cisa.gov/news-events/ics-advisories/icsa-25-308-01

github.com/...p/csaf_files/OT/white/2025/icsa-25-308-01.json

cve.org (CVE-2025-54526)

nvd.nist.gov (CVE-2025-54526)

Download JSON