MidnightBSD

Advisories for keyence

CVE-2023-42138

Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and earlier and KV REPLAY VIEWER Ver. 2.62 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user of KV STUDIO PLAYER open a specially crafted file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
keyence kv_studio *
keyence kv_replay_viewer *
CVE-2024-28099

VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.

Products Affected

Vendor Product Version
keyence vt_studio *
CVE-2024-29218

Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier, KV REPLAY VIEWER Ver.2.64 and earlier, and VT5-WX15/WX12 Ver.6.02 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file.

Products Affected

Vendor Product Version
keyence kv_studio *
keyence vt5-wx12_firmware *
keyence kv_replay_viewer *
keyence vt5-wx15_firmware *
CVE-2024-29219

Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, and VT5-WX15/WX12 Ver.6.02 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file.

Products Affected

Vendor Product Version
keyence kv_studio *
keyence vt5-wx12_firmware *
keyence kv_replay_viewer *
keyence vt5-wx15_firmware *
CVE-2025-58777

VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vultures@jpcert.or.jp 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
keyence vt_studio *
CVE-2025-61691

VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vultures@jpcert.or.jp 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
keyence vt_studio *
CVE-2025-61692

VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vultures@jpcert.or.jp 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
keyence vt_studio *