Cyber Resilience

CVE-2026-32928

High

Published: 01 April 2026

Published
01 April 2026
Modified
07 April 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0021 11.0th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-32928 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Fujielectric V-Sft. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 11.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-32928 is a stack-based buffer overflow vulnerability (CWE-121) in V-SFT versions 6.2.10.0 and prior. The flaw exists in the VS6ComFile!CSaveData::_conv_AnimationItem component. It is triggered when opening a crafted V7 file, which may lead to arbitrary code execution on the affected product.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A local attacker with low complexity can exploit it by tricking a user into opening a malicious V7 file, requiring no privileges. Successful exploitation enables arbitrary code execution, resulting in high impacts to confidentiality, integrity, and availability on the local system.

Advisories published by Fuji Electric (https://felib.fujielectric.co.jp/en/M10010/M20060/document_detail/5d9dd71d-9494-41a4-aa5c-8e6b8b21066b?region=en-glb) and JVN (https://jvn.jp/en/vu/JVNVU90448293/) provide further details on mitigation, including any available patches or workarounds for affected V-SFT installations.

EU & UK References

Vulnerability details

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Stack-based buffer overflow in V-SFT file parser (VS6ComFile!CSaveData::_conv_AnimationItem) enables RCE on opening a crafted V7 file; directly maps to client-side exploitation triggered by user opening malicious file (T1203 + T1204.002).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-32925Same product: Fujielectric V-Sft
CVE-2026-32929Same product: Fujielectric V-Sft
CVE-2026-32926Same product: Fujielectric V-Sft
CVE-2026-32927Same product: Fujielectric V-Sft
CVE-2026-0660Shared CWE-121
CVE-2026-42468Shared CWE-121
CVE-2026-27267Shared CWE-121
CVE-2025-54483Shared CWE-121
CVE-2026-34690Shared CWE-121
CVE-2025-24075Shared CWE-121

Affected Assets

fujielectric
v-sft
≤ 6.2.10.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the stack-based buffer overflow by identifying, reporting, and applying vendor patches for the specific flaw in V-SFT versions 6.2.10.0 and prior.

prevent

Implements memory safeguards such as stack canaries, ASLR, and DEP to prevent arbitrary code execution from the stack buffer overflow triggered by crafted V7 files.

prevent

Requires validation of V7 file inputs to the VS6ComFile!CSaveData::_conv_AnimationItem component, addressing malformed data that causes the buffer overflow.

References