CVE-2025-47749 — HIGH (7.8)

Q: How severe is CVE-2025-47749?

CVE-2025-47749 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-47749?

Check the references section above for vendor advisories and patch information. Affected products include: Fujielectric Monitouch V-Sft.

Vulnerability Description

V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fujielectric	Monitouch V-Sft	>= 6.0.1.0, < 6.2.6.0

Related Weaknesses (CWE)

CWE-763 CWE-761

References

https://jvn.jp/en/vu/JVNVU97228144/Third Party Advisory
https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.phpRelease NotesVendor Advisory

FAQ

What is CVE-2025-47749?

CVE-2025-47749 is a vulnerability with a CVSS score of 7.8 (HIGH). V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to ...

How severe is CVE-2025-47749?

CVE-2025-47749 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-47749?

Check the references section above for vendor advisories and patch information. Affected products include: Fujielectric Monitouch V-Sft.