CVE-2025-66602
Awaiting Analysis
Awaiting Analysis - Queue
IP-Based Access Vulnerability in Yokogawa FAST/TOOLS Web Server
Publication date: 2026-02-09
Last updated on: 2026-03-05
Assigner: YokogawaGroup
Description
Description
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
access by IP address. When a worm that randomly searches for IP addresses
intrudes into the network, it could potentially be attacked by the worm.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yokogawa | fast/tools | From r9.01 (inc) to r10.04 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-291 | The product uses an IP address for authentication. |
