Search criteria
2 vulnerabilities found for TELLUS by FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.
CVE-2025-50130 (GCVE-0-2025-50130)
Vulnerability from cvelistv5 – Published: 2025-07-08 12:59 – Updated: 2025-07-08 13:33
VLAI?
Summary
A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD.
Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.
Severity ?
CWE
- CWE-122 - Heap-based buffer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT-6 |
Affected:
v6.2.5.0 and earlier
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-50130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:33:13.788717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T13:33:54.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "V-SFT-6",
"vendor": "FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "v6.2.5.0 and earlier"
}
]
},
{
"product": "TELLUS",
"vendor": "FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "v4.0.20.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD.\r\nOpening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based buffer overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T12:59:44.115Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU94011267/"
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/Search.php"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-50130",
"datePublished": "2025-07-08T12:59:44.115Z",
"dateReserved": "2025-06-13T02:38:24.373Z",
"dateUpdated": "2025-07-08T13:33:54.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-50130 (GCVE-0-2025-50130)
Vulnerability from nvd – Published: 2025-07-08 12:59 – Updated: 2025-07-08 13:33
VLAI?
Summary
A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD.
Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.
Severity ?
CWE
- CWE-122 - Heap-based buffer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT-6 |
Affected:
v6.2.5.0 and earlier
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-50130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:33:13.788717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T13:33:54.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "V-SFT-6",
"vendor": "FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "v6.2.5.0 and earlier"
}
]
},
{
"product": "TELLUS",
"vendor": "FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "v4.0.20.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD.\r\nOpening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based buffer overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T12:59:44.115Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU94011267/"
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/Search.php"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-50130",
"datePublished": "2025-07-08T12:59:44.115Z",
"dateReserved": "2025-06-13T02:38:24.373Z",
"dateUpdated": "2025-07-08T13:33:54.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}