CVE-2025-47754

7.8 HIGH

📋 TL;DR

V-SFT v6.2.5.0 and earlier contain an out-of-bounds read vulnerability in the Conv_Macro_Data function. Attackers can exploit this by tricking users into opening specially crafted V7 or V8 files, potentially leading to application crashes, information disclosure, or arbitrary code execution. This affects all users of vulnerable V-SFT versions.

💻 Affected Systems

Products:
  • V-SFT
Versions: v6.2.5.0 and earlier
Operating Systems: Windows (based on typical V-SFT deployment)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is triggered when opening specially crafted V7 or V8 files. All default configurations are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with the privileges of the V-SFT user, potentially leading to full system compromise.

🟠 Likely Case: Application crash and information disclosure from memory contents.

🟢 If Mitigated: Application crash without data loss if proper file validation and user privilege restrictions are in place.

🌐 Internet-Facing: MEDIUM - Requires user interaction to open malicious files, but could be delivered via email or web downloads.
🏢 Internal Only: MEDIUM - Similar risk profile, though attack surface may be more limited within internal networks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious files. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched version

Vendor Advisory: https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php

Restart Required: Yes

Instructions:

1. Visit the vendor advisory URL.
2. Download the latest V-SFT version.
3. Install the update following vendor instructions.
4. Restart the system if required.

🔧 Temporary Workarounds

  • Restrict file types (scope: all): Block V7 and V8 file extensions at email gateways and web proxies
  • User training (scope: all): Train users not to open untrusted V7/V8 files

🧯 If You Can't Patch

  • Restrict user privileges to minimize impact of potential code execution
  • Implement application whitelisting to prevent unauthorized executables

🔍 How to Verify

Check if Vulnerable:

Check V-SFT version in application about dialog or installation directory

Check Version:

Check V-SFT application properties or about dialog

Verify Fix Applied:

Verify installed version is newer than v6.2.5.0

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from V-SFT
  • Unexpected file access to V7/V8 extensions

Network Indicators:

  • Downloads of V7/V8 files from untrusted sources

SIEM Query (generic pseudo-syntax; adapt field names to your platform):

((EventID=1000 OR EventID=1001) AND Message LIKE '%V-SFT%')
OR file_extension IN ('v7', 'v8')

Windows Application log events 1000 (Application Error) and 1001 (Windows Error Reporting) name the faulting application in the message body rather than in the event source, so match the crash condition on the message and group it separately from the file-extension match so the two conditions are not OR'd together unintentionally.

🔗 References
