MEDIUM🇵🇱 Wersja polska

CVE-2025-66596

CVSS 6.9v4.0pub. 2026-02-09upd. 2026-03-06

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Yokogawa Fast\/tools

    APP
    Yokogawa
    r9.01 – r10.04
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-66597HIGH8.8ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2025-66608HIGH8.7ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does n...

CVE-2025-66598HIGH7.1ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...

CVE-2018-16196HIGH7.5ten sam produkt

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50)...

CVE-2025-66594MEDIUM6.9ten sam produkt

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are...