Cyber Posture

CVE-2026-32928

High

Published: 01 April 2026

Published
01 April 2026
Modified
07 April 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0003 7.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-32928 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Fujielectric V-Sft. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 7.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates the stack-based buffer overflow by identifying, reporting, and applying vendor patches for the specific flaw in V-SFT versions 6.2.10.0 and prior.

SI-16 Memory Protection good match
prevent

Implements memory safeguards such as stack canaries, ASLR, and DEP to prevent arbitrary code execution from the stack buffer overflow triggered by crafted V7 files.

SI-10 Information Input Validation partial match
prevent

Requires validation of V7 file inputs to the VS6ComFile!CSaveData::_conv_AnimationItem component, addressing malformed data that causes the buffer overflow.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
attack.mitre.org →
Why these techniques?

Stack-based buffer overflow in V-SFT file parser (VS6ComFile!CSaveData::_conv_AnimationItem) enables RCE on opening a crafted V7 file; directly maps to client-side exploitation triggered by user opening malicious file (T1203 + T1204.002).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Deeper analysisAI

CVE-2026-32928 is a stack-based buffer overflow vulnerability (CWE-121) in V-SFT versions 6.2.10.0 and prior. The flaw exists in the VS6ComFile!CSaveData::_conv_AnimationItem component. It is triggered when opening a crafted V7 file, which may lead to arbitrary code execution on the affected product.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A local attacker with low complexity can exploit it by tricking a user into opening a malicious V7 file, requiring no privileges. Successful exploitation enables arbitrary code execution, resulting in high impacts to confidentiality, integrity, and availability on the local system.

Advisories published by Fuji Electric (https://felib.fujielectric.co.jp/en/M10010/M20060/document_detail/5d9dd71d-9494-41a4-aa5c-8e6b8b21066b?region=en-glb) and JVN (https://jvn.jp/en/vu/JVNVU90448293/) provide further details on mitigation, including any available patches or workarounds for affected V-SFT installations.

Details

CWE(s)
CWE-121

Affected Products

fujielectric
v-sft
≤ 6.2.10.0

CVEs Like This One

CVE-2026-32925Same product: Fujielectric V-Sft
CVE-2026-32926Same product: Fujielectric V-Sft
CVE-2026-32929Same product: Fujielectric V-Sft
CVE-2026-32927Same product: Fujielectric V-Sft
CVE-2025-46411Shared CWE-121
CVE-2026-0660Shared CWE-121
CVE-2026-27267Shared CWE-121
CVE-2026-26738Shared CWE-121
CVE-2025-54481Shared CWE-121
CVE-2025-24075Shared CWE-121

References