Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities found for VT STUDIO by KEYENCE CORPORATION.

    JVNDB-2025-014967

    Vulnerability from jvndb - Published: 2025-10-03 11:19 - Updated:2025-12-23 14:36
    Severity
    7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    Summary
    Multiple vulnerabilities in multiple Keyence products
    Details
    Multiple products provided by KEYENCE CORPORATION contain multiple vulnerabilities listed below.
    • Stack-based buffer overflow (CWE-121) - CVE-2025-58775, CVE-2025-58776
    • Access of uninitialized pointer (CWE-824) - CVE-2025-58777
    • Buffer underflow (CWE-124) - CVE-2025-61690
    • Out-of-bounds read (CWE-125) - CVE-2025-61691
    • Use after free (CWE-416) - CVE-2025-61692
    Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014967.html",
  "dc:date": "2025-12-23T14:36+09:00",
  "dcterms:issued": "2025-10-03T11:19+09:00",
  "dcterms:modified": "2025-12-23T14:36+09:00",
  "description": "Multiple products provided by KEYENCE CORPORATION contain multiple vulnerabilities listed below.\r\n\u003cul\u003e\r\n\u003cli\u003eStack-based buffer overflow (CWE-121) - CVE-2025-58775, CVE-2025-58776\u003c/li\u003e\r\n\u003cli\u003eAccess of uninitialized pointer (CWE-824) - CVE-2025-58777\u003c/li\u003e\r\n\u003cli\u003eBuffer underflow (CWE-124) - CVE-2025-61690\u003c/li\u003e\r\n\u003cli\u003eOut-of-bounds read (CWE-125) - CVE-2025-61691\u003c/li\u003e\r\n\u003cli\u003eUse after free (CWE-416) - CVE-2025-61692\u003c/li\u003e\r\n\u003c/ul\u003e\r\nMichael Heinzl reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-014967.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:keyence:keyence_vt5-wx12",
      "@product": "VT5-WX12",
      "@vendor": "KEYENCE CORPORATION.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:keyence:keyence_vt5-wx15",
      "@product": "VT5-WX15",
      "@vendor": "KEYENCE CORPORATION.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:keyence:keyence_vt_studio",
      "@product": "VT STUDIO",
      "@vendor": "KEYENCE CORPORATION.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:keyence:kv_replay_viewer",
      "@product": "KV REPLAY VIEWER",
      "@vendor": "KEYENCE CORPORATION.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:keyence:kv_studio",
      "@product": "KV STUDIO",
      "@vendor": "KEYENCE CORPORATION.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2025-014967",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU97069449/index.html",
      "@id": "JVNVU#97069449",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58775",
      "@id": "CVE-2025-58775",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58776",
      "@id": "CVE-2025-58776",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58777",
      "@id": "CVE-2025-58777",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61690",
      "@id": "CVE-2025-61690",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61691",
      "@id": "CVE-2025-61691",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-61692",
      "@id": "CVE-2025-61692",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2025-58777",
      "@id": "CVE-2025-58777",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2025-61691",
      "@id": "CVE-2025-61691",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2025-61692",
      "@id": "CVE-2025-61692",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/121.html",
      "@id": "CWE-121",
      "@title": "Stack-based Buffer Overflow(CWE-121)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/124.html",
      "@id": "CWE-124",
      "@title": "Buffer Underwrite (\u0027Buffer Underflow\u0027)(CWE-124)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/125.html",
      "@id": "CWE-125",
      "@title": "Out-of-bounds Read(CWE-125)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/416.html",
      "@id": "CWE-416",
      "@title": "Use After Free(CWE-416)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/824.html",
      "@id": "CWE-824",
      "@title": "Access of Uninitialized Pointer(CWE-824)"
    }
  ],
  "title": "Multiple vulnerabilities in multiple Keyence products"
}

    JVNDB-2024-003050

    Vulnerability from jvndb - Published: 2024-04-01 14:44 - Updated:2024-04-01 14:44
    Severity
    7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    Summary
    KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries
    Details
    VT STUDIO provided by KEYENCE CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427, CVE-2024-28099). KEYENCE CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003050.html",
  "dc:date": "2024-04-01T14:44+09:00",
  "dcterms:issued": "2024-04-01T14:44+09:00",
  "dcterms:modified": "2024-04-01T14:44+09:00",
  "description": "VT STUDIO provided by KEYENCE CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427, CVE-2024-28099).\r\n\r\nKEYENCE CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003050.html",
  "sec:cpe": {
    "#text": "cpe:/a:keyence:keyence_vt_studio",
    "@product": "VT STUDIO",
    "@vendor": "KEYENCE CORPORATION.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-003050",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU92825069/index.html",
      "@id": "JVNVU#92825069",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
      "@id": "JVNTA#91240916",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-28099",
      "@id": "CVE-2024-28099",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries"
}