Yokogawa Electric Corporation Fast Tools vulnerabilities
18 known vulnerabilities affecting yokogawa_electric_corporation/fast_tools.
Total CVEs
18
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH5MEDIUM10
Vulnerabilities
Page 1 of 1
CVE-2025-66602P2CRITICALCVSS 9.8≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66602 [CRITICAL] CWE-291 CVE-2025-66602: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web s
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
access by IP address. When a worm that randomly searches for IP addresses
intrudes into the network, it could potentially be attacked by the worm.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, H
nvd
CVE-2025-66603P3CRITICALCVSS 9.8≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66603 [CRITICAL] CWE-358 CVE-2025-66603: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web s
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
the OPTIONS method. An attacker could potentially use this information to carry
out other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66600P3HIGHCVSS 8.8≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66600 [HIGH] CWE-358 CVE-2025-66600: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product lacks
HSTS (HTTP Strict Transport Security) configuration. When an attacker performs
a Man in the middle (MITM) attack, communications with the web server could be
sniffed.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVR
nvd
CVE-2025-66606P3CRITICALCVSS 9.6≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66606 [CRITICAL] CWE-86 CVE-2025-66606: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly encode URLs. An attacker could tamper with web pages or execute
malicious scripts.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66608P3HIGHCVSS 7.5≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66608 [HIGH] CWE-29 CVE-2025-66608: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly validate URLs. An attacker could send specially crafted requests to
steal files from the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2026-11833P3HIGHCVSS 8.2≥ R9.01, ≤ R10.042026-06-23
CVE-2026-11833 [HIGH] CWE-319 CVE-2026-11833: Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a r
Overview:
A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could
be exploited by an attacker for other attacks.
The affected products and versions are as follows:
FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
nvd
CVE-2025-66597P3HIGHCVSS 7.5≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66597 [HIGH] CWE-327 CVE-2025-66597: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
weak cryptographic algorithms, potentially allowing an attacker to decrypt
communications with the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66598P3HIGHCVSS 7.5≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66598 [HIGH] CWE-327 CVE-2025-66598: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
old SSL/TLS versions, potentially allowing an attacker to decrypt
communications with the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66599P3MEDIUMCVSS 6.9≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66599 [MEDIUM] CWE-497 CVE-2025-66599: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Physical paths could
be displayed on web pages. This information could be exploited by an attacker
for other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2024-4105P4MEDIUMCVSS 5.8≥ R9.01, ≤ R10.042024-06-26
CVE-2024-4105 [MEDIUM] CWE-79 CVE-2024-4105: A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server's
A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server's function to process HTTP requests has a security flaw (Reflected XSS) that allows the execution of malicious scripts. Therefore, if a client PC with inadequate security measures accesses a product URL containing a malicious request, the malicious script m
nvd
CVE-2025-66601P4MEDIUMCVSS 6.1≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66601 [MEDIUM] CWE-358 CVE-2025-66601: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
specify MIME types. When an attacker performs a content sniffing attack,
malicious scripts could be executed.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66596P4MEDIUMCVSS 6.1≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66596 [MEDIUM] CWE-601 CVE-2025-66596: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly validate request headers. When an attacker inserts an invalid host
header, users could be redirected to malicious sites.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB
nvd
CVE-2024-4106P4MEDIUMCVSS 5.3≥ R9.01, ≤ R10.042024-06-26
CVE-2024-4106 [MEDIUM] CWE-258 CVE-2024-4106: A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in acco
A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in accounts with no passwords set. Therefore, if the product is operated without a password set by default, an attacker can break into the affected product.
The affected products and versions are as follows:
FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES,
nvd
CVE-2025-66594P4MEDIUMCVSS 5.3≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66594 [MEDIUM] CWE-209 CVE-2025-66594: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed me
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Detailed messages are displayed on the error
page. This information could be exploited by an attacker for other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66605P4MEDIUMCVSS 5.3≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66605 [MEDIUM] CWE-359 CVE-2025-66605: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since the
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Since there are input
fields on this webpage with the autocomplete attribute enabled, the input
content could be saved in the browser the user is using.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMO
nvd
CVE-2025-66607P4MEDIUMCVSS 5.3≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66607 [MEDIUM] CWE-358 CVE-2025-66607: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The respo
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The response header
contains an insecure setting. Users could be redirected to malicious sites by
an attacker.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66604P4MEDIUMCVSS 5.3≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66604 [MEDIUM] CWE-319 CVE-2025-66604: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The libra
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The library version
could be displayed on the web page. This information could be exploited by an
attacker for other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
nvd
CVE-2025-66595P4MEDIUMCVSS 5.4≥ R9.01, ≤ R10.042026-02-09
CVE-2025-66595 [MEDIUM] CWE-352 CVE-2025-66595: A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This prod
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product is
vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link
crafted by an attacker, the user’s account could be compromised.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES,
nvd