PatchSiren cyber security CVE debrief
CVE-2024-11792 Fuji Electric CVE debrief
A stack-based buffer overflow vulnerability exists in Fuji Electric Monitouch V-SFT, an HMI (Human-Machine Interface) development software used in industrial control systems. The flaw occurs during parsing of V8 project files, where user-supplied data length is not properly validated before being copied to a stack buffer. Successful exploitation requires user interaction—the target must open a malicious V8 file or visit a malicious page that triggers the vulnerable code path. The vulnerability was disclosed by CISA on December 3, 2024, with an update published on May 6, 2025, confirming vendor remediation. Fuji Electric released Monitouch V-SFT Version 6.2.6.0 in April 2025 to address this issue. The CVSS 3.1 score of 7.8 reflects high impact to confidentiality, integrity, and availability, though attack complexity is low and requires local attack vector with user interaction. Organizations using affected versions (6.2.3.0 and earlier) should prioritize updating to the patched release and implement defense-in-depth controls for file handling in OT environments.
- Vendor
- Fuji Electric
- Product
- Monitouch V-SFT
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-12-03
- Original CVE updated
- 2025-05-06
- Advisory published
- 2024-12-03
- Advisory updated
- 2025-05-06
Who should care
Industrial control system operators, OT security teams, and manufacturing organizations using Fuji Electric Monitouch V-SFT for HMI development should prioritize this vulnerability. The software is deployed in engineering workstations for programming operator interfaces across various industrial sectors. Organizations with unpatched versions face risk of arbitrary code execution through social engineering or supply chain compromise of project files.
Technical summary
The vulnerability exists in the V8 file parsing component of Fuji Electric Monitouch V-SFT HMI development software. Insufficient validation of user-supplied data length leads to stack-based buffer overflow when processing crafted V8 project files. The attack requires local access with user interaction (opening malicious file or page). Code execution occurs in context of current process. Fixed in Version 6.2.6.0 released April 2025.
Defensive priority
HIGH
Recommended defensive actions
- Update Fuji Electric Monitouch V-SFT to Version 6.2.6.0 or later to remediate the stack-based buffer overflow vulnerability
- Implement application whitelisting and endpoint protection on engineering workstations running Monitouch V-SFT
- Train operators and engineers to avoid opening untrusted V8 project files from unknown sources
- Apply principle of least privilege to Monitouch V-SFT processes and restrict network access for HMI development systems
- Monitor for anomalous process behavior or unexpected network connections from Monitouch V-SFT installations
- Review and implement CISA ICS recommended practices for defense-in-depth in industrial control environments
Evidence notes
Vulnerability disclosed via CISA ICS advisory ICSA-24-338-05. Source confirms stack-based buffer overflow in V8 file parsing with user interaction requirement. Vendor fix released April 2025 as Version 6.2.6.0. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Official resources
-
CVE-2024-11792 CVE record
CVE.org
-
CVE-2024-11792 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-12-03