Fast Tools
CVE-2014-7251
LOW
Severity by source
AV:L/AC:L/Au:S/C:P/I:N/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:L/Au:S/C:P/I:N/A:P
Lifecycle Timeline
1DescriptionCVE.org
XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.
AnalysisAI
XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors. Affected products include: Yokogawa Fast\/Tools.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Fast Tools
View allYokogawa FAST/TOOLS has a second web server vulnerability involving improper cryptographic handling that weakens the sec
Yokogawa FAST/TOOLS SCADA has a vulnerability in its web server component enabling unauthorized access to the industrial
Yokogawa FAST/TOOLS has a third vulnerability involving improper encoding of output that could enable injection attacks
Information disclosure in Yokogawa FAST/TOOLS (R9.01-R10.04) and CI Server (R1.01-R1.04) allows unmodified network attac
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly v
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak crypt
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TL
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MI
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cr
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today