Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
AnalysisAI
Out-of-bounds read in Fuji Electric V-SFT 6.2.10.0 and earlier allows local attackers to extract sensitive memory contents and potentially achieve code execution by opening a malicious V7 project file. The vulnerability requires user interaction (opening a crafted file) but no authentication, with an EPSS probability requiring assessment. No public exploit identified at time of analysis, though JPCERT coordination suggests industrial targeting potential.
Technical ContextAI
This vulnerability (CWE-125: Out-of-bounds Read) exists in the VS6MemInIF!set_temp_type_default function within Fuji Electric's V-SFT software, a human-machine interface (HMI) configuration tool used in industrial automation environments. The affected component cpe:2.3:a:fuji_electric_co.,_ltd._/_hakko_electronics_co.,_ltd.:v-sft handles V7 project file parsing. Out-of-bounds read vulnerabilities occur when a program reads data past the end of an allocated buffer, potentially exposing sensitive memory contents such as process memory, cryptographic keys, or internal data structures. In file parsing contexts, attackers craft malicious input files with manipulated metadata or structure fields that cause the parser to reference memory addresses beyond intended boundaries. The CVSS 4.0 vector indicates local attack vector (AV:L) with low complexity (AC:L) and user interaction required (UI:A), suggesting the vulnerability triggers during normal file-open operations without requiring additional privileges (PR:N). The high confidentiality, integrity, and availability impacts (VC:H/VI:H/VA:H) indicate potential for information disclosure escalating to control-flow hijacking if combined with other memory corruption primitives.
RemediationAI
Upgrade to V-SFT version 6.2.10.1 or later as specified in the Fuji Electric official security advisory at https://felib.fujielectric.co.jp/en/M10010/M20060/document_detail/5d9dd71d-9494-41a4-aa5c-8e6b8b21066b?region=en-glb. Download patched versions exclusively from official Fuji Electric distribution channels to avoid supply chain compromise. Prior to patching, implement compensating controls including restricting V7 file sources to trusted internal repositories, scanning incoming project files with updated antivirus signatures, and applying application whitelisting to prevent unauthorized V-SFT executables. Configure email gateways and endpoint protection to block or quarantine V7 file attachments from external senders. For air-gapped industrial environments where immediate patching is operationally infeasible, enforce strict procedures requiring V7 files to undergo security review on isolated analysis systems before deployment to production engineering workstations. Monitor file access logs for anomalous V7 file opening patterns. Review network segmentation to ensure engineering workstations cannot directly access operational technology networks, limiting potential lateral movement if exploitation occurs. JPCERT coordination details at https://jvn.jp/en/vu/JVNVU90448293/ provide additional regional security guidance for Japanese industrial operators.
Stack-based buffer overflow in Fuji Electric/Hakko Electronics V-SFT versions through 6.2.10.0 enables arbitrary code ex
Stack-based buffer overflow in Fuji Electric/HAKKO Electronics V-SFT automation software (versions ≤6.2.10.0) allows arb
Out-of-bounds read in Fuji Electric V-SFT 6.2.10.0 and earlier allows local attackers to disclose sensitive information
Out-of-bounds read in Fuji Electric V-SFT industrial HMI software (versions ≤6.2.10.0) enables local attackers to disclo
Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' ver
Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6
Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earl
Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18102
GHSA-45jx-x35p-4xm6