CVE-2025-47749
Published: 19 May 2025
Summary
CVE-2025-47749 is a high-severity Free of Pointer not at Start of Buffer (CWE-761) vulnerability in Fujielectric Monitouch V-Sft. Its CVSS base score is 8.4 (High).
Operationally, ranked at the 31.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-15677
Vulnerability details
V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.