PatchSiren cyber security CVE debrief
CVE-2024-11790 Fuji Electric CVE debrief
A stack-based buffer overflow exists in Fuji Electric Monitouch V-SFT, the engineering software used to program Monitouch human-machine interfaces (HMIs) in industrial control system (ICS) environments. The flaw is in the parser for V10 project files: a data length taken from the file is not validated before the data is copied into a fixed-size stack buffer, so a crafted file can corrupt the stack and execute arbitrary code with the privileges of the V-SFT process. Exploitation requires user interaction, specifically opening a malicious V10 file or visiting a malicious page that triggers file handling. CISA disclosed the vulnerability on December 3, 2024, and updated the advisory (Update A) on April 24, 2025 to confirm that a vendor patch was available. Fuji Electric released Monitouch V-SFT Version 6.2.6.0 in April 2025 to address the issue. The CVSS 3.1 base score of 7.8 (High) reflects high impact to confidentiality, integrity, and availability; the local attack vector and the user-interaction requirement keep the score below the critical range. Organizations running affected versions (6.2.3.0 and earlier) on engineering workstations in operational technology environments should prioritize patching, because code execution on the workstation that programs the HMIs is a direct path into the process environment.
- Vendor: Fuji Electric
- Product: Monitouch V-SFT
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-12-03
- Original CVE updated: 2025-05-06
- Advisory published: 2024-12-03
- Advisory updated: 2025-05-06
Who should care
Organizations operating Fuji Electric Monitouch HMI systems, particularly in the manufacturing, energy, and critical infrastructure sectors, that use V-SFT on engineering workstations for HMI programming and maintenance
Technical summary
Stack-based buffer overflow in V10 project file parsing (unvalidated length copied to a stack buffer); arbitrary code execution with the privileges of the V-SFT process; requires the user to open a malicious file or visit a malicious page; patched in V-SFT 6.2.6.0
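The following C is an added illustration of the bug class the advisory describes, not V-SFT's own code: the real V10 file layout is not published on this page, so the record format (2-byte tag, 2-byte little-endian length, payload), the 64-byte name buffer, and the function names are assumptions chosen for the example. It shows the vulnerable pattern (length from the file drives a copy into a stack buffer) beside a hardened parser that validates the length against both the destination buffer and the bytes actually present in the file, run over constructed sample records.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record layout for this illustration only (the real V10
 * format is not documented here): 2-byte LE tag, 2-byte LE payload
 * length, then the payload bytes. */
#define RECORD_HDR_LEN 4
#define NAME_BUF_SIZE 64

static uint16_t read_le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* BEFORE: the pattern the advisory describes. The length field comes
 * straight from the file and drives a copy into a fixed-size stack
 * buffer; a value above NAME_BUF_SIZE overwrites the saved frame pointer
 * and return address. Only called here on an in-bounds record; calling it
 * on an oversized record is undefined behaviour, which is the bug. */
int parse_name_vulnerable(const uint8_t *file, size_t file_len)
{
    char name[NAME_BUF_SIZE];
    if (file_len < RECORD_HDR_LEN)
        return -1;
    uint16_t len = read_le16(file + 2);
    memcpy(name, file + RECORD_HDR_LEN, len);   /* len never checked */
    return (int)len;
}

/* AFTER: reject the record unless the claimed length fits both the
 * destination buffer (stack overflow) and the bytes remaining in the
 * file (out-of-bounds read). Returns payload length, or -1 if rejected. */
int parse_name_hardened(const uint8_t *file, size_t file_len,
                        char *out, size_t out_len)
{
    if (file_len < RECORD_HDR_LEN)
        return -1;                               /* truncated header */
    uint16_t len = read_le16(file + 2);
    if ((size_t)len >= out_len)
        return -1;                               /* no room for payload + NUL */
    if ((size_t)len > file_len - RECORD_HDR_LEN)
        return -1;                               /* claims bytes the file lacks */
    memcpy(out, file + RECORD_HDR_LEN, len);
    out[len] = '\0';
    return (int)len;
}

/* Builds a constructed sample record (not taken from a real project file). */
size_t build_record(uint8_t *buf, size_t buf_len, uint16_t tag,
                    const uint8_t *payload, uint16_t payload_len)
{
    if (buf_len < (size_t)RECORD_HDR_LEN + payload_len)
        return 0;
    buf[0] = (uint8_t)(tag & 0xff);
    buf[1] = (uint8_t)(tag >> 8);
    buf[2] = (uint8_t)(payload_len & 0xff);
    buf[3] = (uint8_t)(payload_len >> 8);
    memcpy(buf + RECORD_HDR_LEN, payload, payload_len);
    return RECORD_HDR_LEN + payload_len;
}

/* Benign record: a 14-byte screen name. Both parsers accept it. */
int demo_benign(int hardened)
{
    uint8_t file[128];
    char out[NAME_BUF_SIZE];
    const char *name = "PumpStation_01";
    size_t n = build_record(file, sizeof file, 0x0001,
                            (const uint8_t *)name, (uint16_t)strlen(name));
    return hardened ? parse_name_hardened(file, n, out, sizeof out)
                    : parse_name_vulnerable(file, n);
}

/* Malicious record: length field says 4000 bytes, far beyond the 64-byte
 * stack buffer. Only the hardened parser is run on it. */
int demo_oversized_hardened(void)
{
    static uint8_t file[4096];
    static uint8_t payload[4000];
    char out[NAME_BUF_SIZE];
    memset(payload, 'A', sizeof payload);
    size_t n = build_record(file, sizeof file, 0x0001, payload, 4000);
    return parse_name_hardened(file, n, out, sizeof out);
}

/* Truncated record: header claims 32 bytes but only 6 follow it. */
int demo_truncated_hardened(void)
{
    uint8_t file[10] = { 0x01, 0x00, 0x20, 0x00, 'A', 'A', 'A', 'A', 'A', 'A' };
    char out[NAME_BUF_SIZE];
    return parse_name_hardened(file, sizeof file, out, sizeof out);
}

int main(void)
{
    printf("benign (vulnerable parser): %d\n", demo_benign(0));
    printf("benign (hardened parser):   %d\n", demo_benign(1));
    printf("oversized (hardened):       %d\n", demo_oversized_hardened());
    printf("truncated (hardened):       %d\n", demo_truncated_hardened());
    return 0;
}
```

The second check in the hardened parser is not optional: once the stack copy is bounded, a length field larger than the remaining file turns the same bug into an out-of-bounds read, which is a common follow-on finding in file-parser fixes. Stack canaries and ASLR on the workstation raise the cost of exploiting the vulnerable form but do not replace the length validation.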
Defensive priority
high
Recommended defensive actions
- Upgrade Fuji Electric Monitouch V-SFT to version 6.2.6.0 or later (released April 2025); confirm the installed version on every engineering workstation, not only the ones centrally managed
- Implement application allowlisting on engineering workstations; it will not stop code running inside an already-exploited V-SFT process, but it blocks the second-stage executables and scripts such a process typically drops
- Train operators and engineers to treat V10 project files received by email, download, or removable media as untrusted and to open only files from known internal sources
- Deploy endpoint protection with behavioral monitoring on HMI programming workstations, alerting on V-SFT spawning shells, scripting engines, or network tools
- Segment engineering workstations into their own zone, isolated from business networks and the internet, with OT access limited to the HMIs they must program, so a compromised workstation cannot reach the wider plant network
- Verify the integrity of V10 project files against cryptographic hashes recorded from a trusted baseline (for example, the version-controlled master copy) before deployment to production systems; a hash with no trusted reference proves nothing
Evidence notes
Vulnerability disclosed via CISA ICS advisory ICSA-24-338-05. Advisory updated 2025-04-24 (Update A) to confirm Fuji Electric released patched version 6.2.6.0. Source confirms stack-based buffer overflow in V10 file parsing with user interaction requirement.
Official resources
- CVE-2024-11790 CVE record (CVE.org)
- CVE-2024-11790 NVD detail (NVD)
- Source item URL: cisa_csaf