CVE-2025-50130
📋 TL;DR
A heap-based buffer overflow vulnerability in VS6Sim.exe within FUJI ELECTRIC's V-SFT and TELLUS software allows attackers to execute arbitrary code by tricking users into opening specially crafted V9 or X1 files. This affects industrial control system operators using these products for monitoring and control. Successful exploitation could compromise industrial processes and systems.
💻 Affected Systems
- V-SFT
- TELLUS
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise leading to arbitrary code execution, potential disruption of industrial processes, data theft, or lateral movement within OT networks.
Likely Case
Local privilege escalation or system compromise when users open malicious files, potentially affecting individual workstations running the vulnerable software.
If Mitigated
Limited impact if proper network segmentation, least privilege, and file validation controls are implemented, restricting the attack surface.
🎯 Exploit Status
Exploitation requires user interaction (opening malicious file) and knowledge of file format structure; no public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific version
Vendor Advisory: https://monitouch.fujielectric.com/site/download-e/03tellus_inf/Search.php
Restart Required: Yes
Instructions:
1. Visit the vendor advisory URL
2. Download the latest security update for your product
3. Apply the update following vendor instructions
4. Restart the system as required
🔧 Temporary Workarounds
Restrict file execution
windowsBlock execution of VS6Sim.exe or restrict opening of V9/X1 files from untrusted sources
User awareness training
allTrain users not to open files from unknown or untrusted sources
🧯 If You Can't Patch
- Implement application whitelisting to prevent unauthorized execution of VS6Sim.exe
- Segment networks to isolate systems running vulnerable software from critical infrastructure
🔍 How to Verify
Check if Vulnerable:
Check if VS6Sim.exe exists on system and version is prior to patched release; review vendor advisory for version specificsCheck Version:
Check software version through product interface or vendor documentationVerify Fix Applied:
Verify installed version matches or exceeds patched version listed in vendor advisory📡 Detection & Monitoring
Log Indicators:
- Unusual process creation of VS6Sim.exe
- Failed attempts to open corrupted V9/X1 files
- Unexpected system crashes or memory errors
Network Indicators:
- Unusual file transfers to systems running vulnerable software
- Network connections from VS6Sim.exe to unexpected destinations
SIEM Query:
Process creation where image path contains 'VS6Sim.exe' AND command line contains '.v9' OR '.x1'