CVE-2025-66599
Information Disclosure via Physical Path Exposure in Yokogawa FAST/TOOLS
Publication date: 2026-02-09
Last updated on: 2026-02-09
Assigner: YokogawaGroup
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yokogawa_electric_corporation | fast_tools | From 9.01 (inc) to 10.04 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Can you explain this vulnerability to me?
This vulnerability exists in FAST/TOOLS software provided by Yokogawa Electric Corporation, specifically in versions R9.01 to R10.04 of certain packages.
The issue is that physical paths could be displayed on web pages. This exposure of physical path information could be exploited by an attacker to facilitate other attacks.
How can this vulnerability impact me? :
The vulnerability could allow attackers to gain information about the physical paths used by the system through web pages.
With this information, attackers might be able to plan and execute further attacks against the system, potentially compromising its security.