CVE-2022-29522
📋 TL;DR
A use-after-free vulnerability in the simulator module of Fuji Electric's V-SFT graphic editor allows attackers to execute arbitrary code or leak information by tricking users into opening malicious image files. This affects all V-SFT versions prior to 6.1.6.0. Users who open untrusted image files with this software are at risk.
💻 Affected Systems
- Fuji Electric V-SFT graphic editor
📦 What is this software?
- V Server (Fuji Electric)
- V-SFT (Fuji Electric), the graphic editor whose simulator module contains the vulnerable code
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with remote code execution leading to data theft, ransomware deployment, or lateral movement within networks.
Likely Case
Local privilege escalation or information disclosure when users open specially crafted image files from untrusted sources.
If Mitigated
Limited impact with proper user training and file restrictions, though the vulnerability remains present in the software.
🎯 Exploit Status
Exploitation requires a user to open a malicious image file, and use-after-free vulnerabilities typically require careful memory manipulation to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v6.1.6.0
Vendor Advisory: https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php
Restart Required: Yes
Instructions:
1. Download V-SFT v6.1.6.0 from Fuji Electric's website.
2. Uninstall the previous version.
3. Install the new version.
4. Restart the system.
🔧 Temporary Workarounds
- Restrict file types (Windows): Block opening of untrusted image files with V-SFT using application whitelisting or file-extension restrictions.
- User training (all platforms): Train users not to open image files from untrusted sources with V-SFT software.
🧯 If You Can't Patch
- Isolate V-SFT systems from critical networks and implement strict network segmentation
- Implement application control to prevent execution of unauthorized code and monitor for suspicious file access
🔍 How to Verify
Check if Vulnerable:
Check the V-SFT version in the Help > About menu. If the version is below 6.1.6.0, the system is vulnerable.
Check Version:
Open Help > About in the V-SFT application interface.
Verify Fix Applied:
Confirm that the version shown in Help > About is 6.1.6.0 or higher after the update.
📡 Detection & Monitoring
Log Indicators:
- Application crashes of V-SFT.exe (Windows Application log, Event ID 1000), which a failed or partially successful trigger of the use-after-free can produce
- Unusual file access patterns to image files
- Process creation from V-SFT with suspicious parameters
Network Indicators:
- Outbound connections from V-SFT process to unexpected destinations
- File transfers initiated after V-SFT execution
SIEM Query (pseudo-syntax; map the field names to your SIEM; the process-creation clause looks for interpreters spawned by V-SFT, not V-SFT launched from a shell):
(Image:*V-SFT.exe AND EventID:1000) OR (ParentImage:*V-SFT.exe AND (Image:*cmd.exe OR Image:*powershell.exe))
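Detection logic for the indicators above, as an added example that is not part of the original advisory: it flags V-SFT.exe crash events and command interpreters spawned by V-SFT, and deliberately ignores the benign case of V-SFT being launched from a shell. Field names follow Sysmon and Windows Application Error conventions; the sample events and the install path are constructed, not taken from the product.

```python
import re
from typing import Iterable, List, Optional, Tuple

TARGET = "v-sft.exe"
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe"}

def _basename(path: str) -> str:
    """Lowercase file name from a Windows or POSIX path (empty string if missing)."""
    return re.split(r"[\\/]", path)[-1].lower() if path else ""

def classify(event: dict) -> Optional[str]:
    """Return an alert label when the event matches one of the indicators, else None."""
    eid = event.get("EventID")
    # Windows Application Error (Event ID 1000): V-SFT.exe itself crashed.
    if eid == 1000 and _basename(event.get("FaultingApplication", "")) == TARGET:
        return "vsft_crash"
    # Sysmon process creation (Event ID 1): the *parent* must be V-SFT.exe and the
    # child a command interpreter. The reverse direction (shell -> V-SFT) is normal.
    if eid == 1 and _basename(event.get("ParentImage", "")) == TARGET:
        if _basename(event.get("Image", "")) in SUSPICIOUS_CHILDREN:
            return "vsft_spawned_shell"
    return None

def scan(events: Iterable[dict]) -> List[Tuple[int, str]]:
    """Return (record index, label) for every event that matches an indicator."""
    hits = []
    for i, e in enumerate(events):
        label = classify(e)
        if label:
            hits.append((i, label))
    return hits

# Constructed sample telemetry (placeholder install path, not the real one):
# a crash, a shell spawned by V-SFT, V-SFT launched from a shell (benign), and
# V-SFT spawning a non-interpreter child (benign).
SAMPLE_EVENTS = [
    {"EventID": 1000, "FaultingApplication": r"C:\example\V-SFT.exe"},
    {"EventID": 1, "ParentImage": r"C:\example\V-SFT.exe",
     "Image": r"C:\Windows\System32\cmd.exe"},
    {"EventID": 1, "ParentImage": r"C:\Windows\System32\cmd.exe",
     "Image": r"C:\example\V-SFT.exe"},
    {"EventID": 1, "ParentImage": r"C:\example\V-SFT.exe",
     "Image": r"C:\example\viewer.exe"},
]

if __name__ == "__main__":
    for idx, label in scan(SAMPLE_EVENTS):
        print(idx, label)
```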