CVE-2025-66604
Awaiting Analysis Awaiting Analysis - Queue
Information Disclosure in Yokogawa FAST/TOOLS Web Components

Publication date: 2026-02-09

Last updated on: 2026-03-05

Assigner: YokogawaGroup

Description
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be displayed on the web page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-03-05
Generated
2026-06-16
AI Q&A
2026-02-09
EPSS Evaluated
2026-06-14
NVD
CVE-2025-66604
EUVD
EUVD-2025-207169
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
yokogawa fast/tools From r9.01 (inc) to r10.04 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the FAST/TOOLS software provided by Yokogawa Electric Corporation. Specifically, the library version information is displayed on the web page, which could be exploited by an attacker to facilitate other attacks.

Impact Analysis

The exposure of the library version on the web page can provide attackers with information that may help them identify weaknesses or plan further attacks against the system.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves the exposure of the library version on the web page of FAST/TOOLS products. Detection would involve checking the web interface of the affected FAST/TOOLS versions (R9.01 to R10.04) to see if the library version information is displayed.

Specific commands are not provided in the available information.

Mitigation Strategies

No specific mitigation steps are provided in the available information.

However, as the vulnerability is related to information disclosure via the web page, immediate steps could include restricting access to the web interface, applying access controls, or upgrading to a version where this issue is resolved.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66604. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart