CVE-2025-66599
Awaiting Analysis
Awaiting Analysis - Queue
Information Disclosure via Physical Path Exposure in Yokogawa FAST/TOOLS
Publication date: 2026-02-09
Last updated on: 2026-02-09
Assigner: YokogawaGroup
Description
Description
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Physical paths could
be displayed on web pages. This information could be exploited by an attacker
for other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yokogawa_electric_corporation | fast_tools | From 9.01 (inc) to 10.04 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
