Vulnerabilites related to keyence - vt_studio
Vulnerability from fkie_nvd
Published
2025-10-02 06:15
Modified
2025-10-07 14:13
Severity ?
Summary
VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
▼ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU97069449/ | Third Party Advisory | |
vultures@jpcert.or.jp | https://www.keyence.com/vt_vulnerability250930 | Mitigation, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:keyence:vt_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C43F262-7EA1-4D20-80BD-B9725B374038", "versionEndIncluding": "8.53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "id": "CVE-2025-61691", "lastModified": "2025-10-07T14:13:05.040", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ] }, "published": "2025-10-02T06:15:37.917", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU97069449/" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.keyence.com/vt_vulnerability250930" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "vultures@jpcert.or.jp", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-10-02 06:15
Modified
2025-10-07 14:09
Severity ?
Summary
VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
▼ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU97069449/ | Third Party Advisory | |
vultures@jpcert.or.jp | https://www.keyence.com/vt_vulnerability250930 | Mitigation, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:keyence:vt_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C43F262-7EA1-4D20-80BD-B9725B374038", "versionEndIncluding": "8.53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "id": "CVE-2025-61692", "lastModified": "2025-10-07T14:09:27.000", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ] }, "published": "2025-10-02T06:15:38.193", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU97069449/" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.keyence.com/vt_vulnerability250930" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "vultures@jpcert.or.jp", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-04-15 11:15
Modified
2025-06-30 13:50
Severity ?
Summary
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.
References
▼ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU92825069/ | Third Party Advisory | |
vultures@jpcert.or.jp | https://www.keyence.com/vt_vulnerability240329_en | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU92825069/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.keyence.com/vt_vulnerability240329_en | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:keyence:vt_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8E3CAC6-A174-42ED-B6BE-8E160A545480", "versionEndIncluding": "8.32", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application." }, { "lang": "es", "value": "VT STUDIO Ver.8.32 y anteriores contienen un problema con la ruta de b\u00fasqueda de DLL, lo que puede provocar que se carguen bibliotecas de v\u00ednculos din\u00e1micos de forma insegura. Como resultado, se puede ejecutar c\u00f3digo arbitrario con los privilegios de la aplicaci\u00f3n en ejecuci\u00f3n." } ], "id": "CVE-2024-28099", "lastModified": "2025-06-30T13:50:39.527", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-04-15T11:15:08.397", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU92825069/" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "https://www.keyence.com/vt_vulnerability240329_en" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU92825069/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.keyence.com/vt_vulnerability240329_en" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2025-10-02 06:15
Modified
2025-10-07 14:19
Severity ?
Summary
VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
▼ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU97069449/ | Third Party Advisory | |
vultures@jpcert.or.jp | https://www.keyence.com/vt_vulnerability250930 | Mitigation, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:keyence:vt_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C43F262-7EA1-4D20-80BD-B9725B374038", "versionEndIncluding": "8.53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "id": "CVE-2025-58777", "lastModified": "2025-10-07T14:19:31.197", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "vultures@jpcert.or.jp", "type": "Secondary" } ] }, "published": "2025-10-02T06:15:37.377", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/en/vu/JVNVU97069449/" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.keyence.com/vt_vulnerability250930" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-824" } ], "source": "vultures@jpcert.or.jp", "type": "Primary" } ] }
CVE-2025-58777 (GCVE-0-2025-58777)
Vulnerability from cvelistv5
Published
2025-10-02 05:50
Modified
2025-10-02 17:58
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of uninitialized pointer
Summary
VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
KEYENCE CORPORATION | VT STUDIO |
Version: 8.53 and prior |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-58777", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-10-02T17:57:54.842895Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-10-02T17:58:25.822Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "VT STUDIO", "vendor": "KEYENCE CORPORATION", "versions": [ { "status": "affected", "version": "8.53 and prior" } ] } ], "descriptions": [ { "lang": "en", "value": "VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-824", "description": "Access of uninitialized pointer", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-10-02T05:50:40.304Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.keyence.com/vt_vulnerability250930" }, { "url": "https://jvn.jp/en/vu/JVNVU97069449/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2025-58777", "datePublished": "2025-10-02T05:50:40.304Z", "dateReserved": "2025-09-04T23:51:55.196Z", "dateUpdated": "2025-10-02T17:58:25.822Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-61691 (GCVE-0-2025-61691)
Vulnerability from cvelistv5
Published
2025-10-02 05:51
Modified
2025-10-02 17:57
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
KEYENCE CORPORATION | VT STUDIO |
Version: 8.53 and prior |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-61691", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-10-02T17:57:06.178851Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-10-02T17:57:21.788Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "VT STUDIO", "vendor": "KEYENCE CORPORATION", "versions": [ { "status": "affected", "version": "8.53 and prior" } ] } ], "descriptions": [ { "lang": "en", "value": "VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-10-02T05:51:13.591Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.keyence.com/vt_vulnerability250930" }, { "url": "https://jvn.jp/en/vu/JVNVU97069449/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2025-61691", "datePublished": "2025-10-02T05:51:13.591Z", "dateReserved": "2025-09-30T01:01:11.479Z", "dateUpdated": "2025-10-02T17:57:21.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-61692 (GCVE-0-2025-61692)
Vulnerability from cvelistv5
Published
2025-10-02 05:51
Modified
2025-10-02 17:33
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use after free
Summary
VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
KEYENCE CORPORATION | VT STUDIO |
Version: 8.53 and prior |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-61692", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-10-02T17:32:59.215223Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-10-02T17:33:11.276Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "VT STUDIO", "vendor": "KEYENCE CORPORATION", "versions": [ { "status": "affected", "version": "8.53 and prior" } ] } ], "descriptions": [ { "lang": "en", "value": "VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use after free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-10-02T05:51:26.096Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.keyence.com/vt_vulnerability250930" }, { "url": "https://jvn.jp/en/vu/JVNVU97069449/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2025-61692", "datePublished": "2025-10-02T05:51:26.096Z", "dateReserved": "2025-09-30T01:01:11.479Z", "dateUpdated": "2025-10-02T17:33:11.276Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-28099 (GCVE-0-2024-28099)
Vulnerability from cvelistv5
Published
2024-04-15 10:31
Modified
2024-08-08 19:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncontrolled Search Path Element
Summary
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
KEYENCE CORPORATION | VT STUDIO |
Version: Ver.8.32 and earlier |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T00:48:48.246Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.keyence.com/vt_vulnerability240329_en" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/vu/JVNVU92825069/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:keyence:vt_studio:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "vt_studio", "vendor": "keyence", "versions": [ { "lessThanOrEqual": "8.32", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-28099", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-15T13:09:19.194914Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-08T19:16:52.084Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "VT STUDIO", "vendor": "KEYENCE CORPORATION", "versions": [ { "status": "affected", "version": "Ver.8.32 and earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application." } ], "problemTypes": [ { "descriptions": [ { "description": "Uncontrolled Search Path Element", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-15T10:31:34.198Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.keyence.com/vt_vulnerability240329_en" }, { "url": "https://jvn.jp/en/vu/JVNVU92825069/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2024-28099", "datePublished": "2024-04-15T10:31:34.198Z", "dateReserved": "2024-03-04T09:32:23.787Z", "dateUpdated": "2024-08-08T19:16:52.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }