← Volver a CVEs
CVE-2025-66606
CRITICAL9.6
Descripcion
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
Detalles CVE
Puntuacion CVSS v3.19.6
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado2/9/2026
Ultima modificacion3/5/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
yokogawa:fast\/tools
Debilidades (CWE)
CWE-86
Referencias
https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf(7168b535-132a-4efe-a076-338f829b2eb9)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.