CVE-2025-66607 | THREATINT

Description

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an insecure setting. Users could be redirected to malicious sites by an attacker. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

PUBLISHED Reserved 2025-12-05 | Published 2026-02-09 | Updated 2026-02-09 | Assigner YokogawaGroup

MEDIUM: 6.3CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-358

Product status

Default status

unknown

R9.01 (custom)

affected

References

web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf

cve.org (CVE-2025-66607)

nvd.nist.gov (CVE-2025-66607)

Download JSON