{ "document": { "acknowledgments": [ { "names": [ "Rocco Calvi" ], "organization": "TecSecurity", "summary": "reporting these vulnerabilities to Trend Micro Zero Day Initiative" }, { "organization": "Trend Micro Zero Day Initiative", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).", "title": "Legal Notice and Terms of Use" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Japan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-25-308-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-308-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-25-308-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-308-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks" } ], "title": "Fuji Electric Monitouch V-SFT-6 (Update A)", "tracking": { "current_release_date": "2025-12-16T07:00:00.000000Z", "generator": { "date": "2025-12-16T15:51:44.270468Z", "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-25-308-01", "initial_release_date": "2025-11-04T07:00:00.000000Z", "revision_history": [ { "date": "2025-11-04T07:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" }, { "date": "2025-12-16T07:00:00.000000Z", "legacy_version": "Update A", "number": "2", "summary": "Update A - Added CVE-2025-53524." } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "6.2.7.0", "product": { "name": "Fuji Electric Fuji Electric Monitouch V-SFT-6: 6.2.7.0", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Fuji Electric Monitouch V-SFT-6" } ], "category": "vendor", "name": "Fuji Electric" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-54496", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A maliciously crafted project file may cause a heap-based buffer overflow, which may allow the attacker to execute arbitrary code.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2025-54496" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.", "product_ids": [ "CSAFPID-0001" ], "url": "https://felib.fujielectric.co.jp/en/document_search?tab=software&document1%5B1%5D=M10009&document2%5B1%5D=M20104&product1%5B1%5D=P10003&product2%5B1%5D=P20023&product3%5B1%5D=P30623&product4%5B1%5D=S11133&discontinued%5B1%5D=0&count=20&sort=en_title&page=1®ion=en-glb" }, { "category": "mitigation", "details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Do not click web links or open attachments in unsolicited email messages.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "mitigation", "details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2025-54526", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2025-54526" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.", "product_ids": [ "CSAFPID-0001" ], "url": "https://felib.fujielectric.co.jp/en/document_search?tab=software&document1%5B1%5D=M10009&document2%5B1%5D=M20104&product1%5B1%5D=P10003&product2%5B1%5D=P20023&product3%5B1%5D=P30623&product4%5B1%5D=S11133&discontinued%5B1%5D=0&count=20&sort=en_title&page=1®ion=en-glb" }, { "category": "mitigation", "details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Do not click web links or open attachments in unsolicited email messages.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "mitigation", "details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2025-53524", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2025-53524" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Fuji Electric has addressed these vulnerabilities in their October release (V-SFT V6.2.8.0). They recommend users update to V6.2.9.0 or newer.", "product_ids": [ "CSAFPID-0001" ], "url": "https://felib.fujielectric.co.jp/en/document_search?tab=software&document1%5B1%5D=M10009&document2%5B1%5D=M20104&product1%5B1%5D=P10003&product2%5B1%5D=P20023&product3%5B1%5D=P30623&product4%5B1%5D=S11133&discontinued%5B1%5D=0&count=20&sort=en_title&page=1®ion=en-glb" }, { "category": "mitigation", "details": "CISA recommends users take the following measures to protect themselves from social engineering attacks:", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Do not click web links or open attachments in unsolicited email messages.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "mitigation", "details": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }