CVE-2025-66594

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:yokogawa:fast\/tools:*:*:*:*:*:*:*:*

History

06 Mar 2026, 20:27

Type	Values Removed	Values Added
CPE		cpe:2.3:a:yokogawa:fast\/tools::::::::
References	~~() https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf -~~	() https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
First Time		Yokogawa fast\/tools Yokogawa
Summary		(es) Se ha encontrado una vulnerabilidad en FAST/TOOLS proporcionado por Yokogawa Electric Corporation. Mensajes detallados se muestran en la página de error. Esta información podría ser explotada por un atacante para otros ataques. Los productos y versiones afectados son los siguientes: FAST/TOOLS (Paquetes: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 a R10.04

09 Feb 2026, 05:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-09 05:16

Updated : 2026-03-06 20:27

NVD link : CVE-2025-66594

Mitre link : CVE-2025-66594

CVE.ORG link : CVE-2025-66594

JSON object : View

Products Affected

yokogawa

fast\/tools

CWE

CWE-209

Generation of Error Message Containing Sensitive Information

{"id": "CVE-2025-66594", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "7168b535-132a-4efe-a076-338f829b2eb9", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-09T05:16:21.840", "references": [{"url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf", "tags": ["Vendor Advisory"], "source": "7168b535-132a-4efe-a076-338f829b2eb9"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "7168b535-132a-4efe-a076-338f829b2eb9", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\nDetailed messages are displayed on the error\npage. This information could be exploited by an attacker for other attacks.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04"}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en FAST/TOOLS proporcionado por Yokogawa Electric Corporation.\n\nMensajes detallados se muestran en la p\u00e1gina de error. Esta informaci\u00f3n podr\u00eda ser explotada por un atacante para otros ataques.\n\nLos productos y versiones afectados son los siguientes: FAST/TOOLS (Paquetes: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 a R10.04"}], "lastModified": "2026-03-06T20:27:20.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09CB375F-6336-400F-941D-1EFF531E6D59", "versionEndIncluding": "r10.04", "versionStartIncluding": "r9.01"}], "operator": "OR"}]}], "sourceIdentifier": "7168b535-132a-4efe-a076-338f829b2eb9"}