CVE-2025-66596

Summary

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites.

The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

Affected Software

VendorProductVersion RangeStatus
Yokogawa Electric CorporationFAST/TOOLSR9.01 <= R10.04affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References