LOW🇬🇧 English

CVE-2025-66606

CVSS 2.1v4.0pub. 2026-02-09upd. 2026-03-05

W produkcie FAST/TOOLS dostarczanym przez Yokogawa Electric Corporation odkryto lukę w zabezpieczeniach związaną z niewłaściwym kodowaniem adresów URL. Atakujący mógłby manipulować stronami internetowymi lub wykonywać złośliwe skrypty. Podatne są wersje FAST/TOOLS (pakiety: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) od R9.01 do R10.04.

Pokaż oryginał (EN)

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Yokogawa Fast\/tools

    APP
    Yokogawa
    r9.01 – r10.04
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-66597HIGH8.8ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2025-66608HIGH8.7ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does n...

CVE-2025-66598HIGH7.1ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2018-16196HIGH7.5ten sam produkt

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50)...

CVE-2025-66594MEDIUM6.9ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are...