← back
CVE-2025-66596

CVE-2025-66596

CVSS 6.9 MEDIUMEPSS 0.2%CWE-601
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
Affected products
Yokogawa Electric Corporation · FAST/TOOLS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf