CVE-2025-66604
Awaiting Analysis Awaiting Analysis - Queue
Information Disclosure in Yokogawa FAST/TOOLS Web Components

Publication date: 2026-02-09

Last updated on: 2026-03-05

Assigner: YokogawaGroup

Description
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be displayed on the web page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-03-05
Generated
2026-05-27
AI Q&A
2026-02-09
EPSS Evaluated
2026-05-25
NVD
CVE-2025-66604
EUVD
EUVD-2025-207169
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
yokogawa fast/tools From r9.01 (inc) to r10.04 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the FAST/TOOLS software provided by Yokogawa Electric Corporation. Specifically, the library version information is displayed on the web page, which could be exploited by an attacker to facilitate other attacks.


How can this vulnerability impact me? :

The exposure of the library version on the web page can provide attackers with information that may help them identify weaknesses or plan further attacks against the system.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves the exposure of the library version on the web page of FAST/TOOLS products. Detection would involve checking the web interface of the affected FAST/TOOLS versions (R9.01 to R10.04) to see if the library version information is displayed.

Specific commands are not provided in the available information.


What immediate steps should I take to mitigate this vulnerability?

No specific mitigation steps are provided in the available information.

However, as the vulnerability is related to information disclosure via the web page, immediate steps could include restricting access to the web interface, applying access controls, or upgrading to a version where this issue is resolved.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart