OTPulse

Fuji Electric Smart Editor

Plan Patch | 7.8 | ICS-CERT ICSA-25-168-04 | Jun 17, 2025
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Fuji Electric Smart Editor versions 1.0.1.0 and earlier contain buffer overflow and improper input validation vulnerabilities (CWE-125, CWE-787, CWE-121) that could allow arbitrary code execution. These vulnerabilities require local access and user interaction (opening a malicious file) to exploit. No public exploitation has been reported.

What this means
What could happen
An attacker with local access to a machine running Smart Editor could execute arbitrary code and compromise the engineering workstation, potentially allowing modification of control logic or settings for energy generation or distribution equipment.
Who's at risk
Energy sector organizations using Fuji Electric Smart Editor for programming and configuring industrial control devices, including those managing power generation, distribution, and related systems. Anyone with an engineering workstation running Smart Editor version 1.0.1.0 or earlier is at risk.
How it could be exploited
An attacker would need to trick a user into opening a malicious file or project in Smart Editor, or gain local access to the engineering workstation where Smart Editor is running. Once the vulnerability is triggered, the attacker can execute arbitrary code with the privileges of the user running Smart Editor.
Prerequisites
  • Local access to the machine running Smart Editor
  • User interaction required (opening a malicious file or project in Smart Editor)
  • Smart Editor version 1.0.1.0 or earlier installed
  • Low complexity attack
  • User interaction required
  • Local access only (not remotely exploitable)
  • Affects engineering workstations which control critical infrastructure
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
Smart Editor | ≤ 1.0.1.0 | 1.0.2.0
Remediation & Mitigation
Do now
HARDENING: Restrict local access to engineering workstations running Smart Editor by limiting who can log in and enforcing strong authentication
WORKAROUND: Train operators and engineers not to open Smart Editor projects from untrusted sources or email attachments
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Smart Editor to version 1.0.2.0 or later
HARDENING: Implement file integrity monitoring on Smart Editor project files to detect unauthorized modifications
Long-term hardening
HARDENING: Isolate engineering workstations running Smart Editor from the business network using a dedicated engineering network or air-gapped configuration