HIGH🇵🇱 Wersja polska

CVE-2025-66608

CVSS 8.7v4.0pub. 2026-02-09upd. 2026-03-06

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Yokogawa Fast\/tools

    APP
    Yokogawa
    r9.01 – r10.04
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-66598HIGH7.1ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2025-66597HIGH8.8ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2018-16196HIGH7.5ten sam produkt

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50)...

CVE-2025-66594MEDIUM6.9ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are...

CVE-2025-66596MEDIUM6.9ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does n...