CVE-2025-50130
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT-6 | v6.2.5.0 and earlier | affected |
| FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | TELLUS | v4.0.20.0 and earlier | affected |
Weaknesses
- CWE-122: Heap-based buffer overflow
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://jvn.jp/en/vu/JVNVU94011267/
- https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php
- https://monitouch.fujielectric.com/site/download-e/03tellus_inf/Search.php
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.