CVE-2025-66606 | THREATINT

Description

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

PUBLISHED Reserved 2025-12-05 | Published 2026-02-09 | Updated 2026-02-09 | Assigner YokogawaGroup

LOW: 2.1CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Problem types

CWE-86

Product status

Default status

unknown

R9.01 (custom)

affected

References

web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf

cve.org (CVE-2025-66606)

nvd.nist.gov (CVE-2025-66606)

Download JSON