CVE 8.7 HIGH

CVE-2025-66608_CVE-2025-66608

February 8, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product does not
properly validate URLs. An attacker could send specially crafted requests to
steal files from the web server.

The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04

AI Analysis

A vulnerability in FAST/TOOLS allows attackers to steal files from the web server by sending specially crafted requests due to improper URL validation.

Basic Information

ID CVE-2025-66608

Source YokogawaGroup

Published Feb 9, 2026 at 03:11

Affected Product

Vendor Yokogawa Electric Corporation

Product FAST/TOOLS

Version R9.01

Affected Versions Yokogawa Electric Corporation FAST/TOOLS R9.01

CWE Classification

CWE-29

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Yokogawa Electric Corporation

Product FAST/TOOLS

Version R9.01 to R10.04

References

web-material3.yokogawa.com /1/39206/files/YSAR-26-0001-E.pdf

{
    "lastseen": "",
    "description": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThis product does not\nproperly validate URLs. An attacker could send specially crafted requests to\nsteal files from the web server.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
    "published": "2026-02-09T03:11:56.893Z",
    "modified": "2026-02-09T03:11:56.893Z",
    "type": "cve",
    "title": "CVE-2025-66608",
    "source": "YokogawaGroup",
    "references": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf",
    "id": "CVE-2025-66608",
    "bulletinFamily": "",
    "cwe": [
        "CWE-29"
    ],
    "cvelist": null,
    "sourceData": "Yokogawa Electric Corporation FAST/TOOLS R9.01",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FAST/TOOLS",
    "version": "R9.01",
    "vendor": "Yokogawa Electric Corporation",
    "ai_description": "A vulnerability in FAST/TOOLS allows attackers to steal files from the web server by sending specially crafted requests due to improper URL validation.",
    "ai_severity": "High",
    "ai_vendor": "Yokogawa Electric Corporation",
    "ai_product": "FAST/TOOLS",
    "ai_version": "R9.01 to R10.04",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply