Fast Tools
CVE-2025-66602
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm.
The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
AnalysisAI
Yokogawa FAST/TOOLS SCADA has a vulnerability in its web server component enabling unauthorized access to the industrial control monitoring system.
Technical ContextAI
Yokogawa FAST/TOOLS has a CWE-291 reliance on IP address for authentication vulnerability in its web server component, allowing attackers to bypass access controls.
RemediationAI
Apply Yokogawa patches. Implement stronger authentication. Segment SCADA networks.
More in Fast Tools
View allYokogawa FAST/TOOLS has a second web server vulnerability involving improper cryptographic handling that weakens the sec
Yokogawa FAST/TOOLS has a third vulnerability involving improper encoding of output that could enable injection attacks
Information disclosure in Yokogawa FAST/TOOLS (R9.01-R10.04) and CI Server (R1.01-R1.04) allows unmodified network attac
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly v
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak crypt
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TL
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MI
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cr
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be dis
Same weakness CWE-291 – Reliance on IP Address for Authentication
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today