{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-66602", "assignerOrgId": "7168b535-132a-4efe-a076-338f829b2eb9", "state": "PUBLISHED", "assignerShortName": "YokogawaGroup", "dateReserved": "2025-12-05T05:04:18.583Z", "datePublished": "2026-02-09T03:16:47.620Z", "dateUpdated": "2026-02-09T19:06:18.987Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "FAST/TOOLS", "vendor": "Yokogawa Electric Corporation", "versions": [{"lessThanOrEqual": "R10.04", "status": "affected", "version": "R9.01", "versionType": "custom"}]}], "datePublic": "2026-02-09T03:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.</p>\n\n<p>The web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.</p>\n\n<p>The\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04</p>"}], "value": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04"}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-291", "description": "CWE-291", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7168b535-132a-4efe-a076-338f829b2eb9", "shortName": "YokogawaGroup", "dateUpdated": "2026-02-09T03:16:47.620Z"}, "references": [{"url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T19:04:12.574305Z", "id": "CVE-2025-66602", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T19:06:18.987Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-66602", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T19:04:12.574305Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T19:04:13.407Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Yokogawa Electric Corporation", "product": "FAST/TOOLS", "versions": [{"status": "affected", "version": "R9.01", "versionType": "custom", "lessThanOrEqual": "R10.04"}], "defaultStatus": "unknown"}], "datePublic": "2026-02-09T03:00:00.000Z", "references": [{"url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.</p>\n\n<p>The web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.</p>\n\n<p>The\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-291", "description": "CWE-291"}]}], "providerMetadata": {"orgId": "7168b535-132a-4efe-a076-338f829b2eb9", "shortName": "YokogawaGroup", "dateUpdated": "2026-02-09T03:16:47.620Z"}}}, "cveMetadata": {"cveId": "CVE-2025-66602", "state": "PUBLISHED", "dateUpdated": "2026-02-09T19:06:18.987Z", "dateReserved": "2025-12-05T05:04:18.583Z", "assignerOrgId": "7168b535-132a-4efe-a076-338f829b2eb9", "datePublished": "2026-02-09T03:16:47.620Z", "assignerShortName": "YokogawaGroup"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "09CB375F-6336-400F-941D-1EFF531E6D59", "versionEndIncluding": "r10.04", "versionStartIncluding": "r9.01", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04"}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en FAST/TOOLS proporcionado por Yokogawa Electric Corporation.\n\nEl servidor web acepta el acceso por direcci\u00f3n IP. Cuando un gusano que busca aleatoriamente direcciones IP se introduce en la red, podr\u00eda ser atacado por el gusano.\n\nLos productos y versiones afectados son los siguientes: FAST/TOOLS (Paquetes: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 a R10.04"}], "id": "CVE-2025-66602", "lastModified": "2026-03-05T13:19:38.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "7168b535-132a-4efe-a076-338f829b2eb9", "type": "Secondary"}]}, "published": "2026-02-09T04:15:49.423", "references": [{"source": "7168b535-132a-4efe-a076-338f829b2eb9", "tags": ["Vendor Advisory"], "url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"}], "sourceIdentifier": "7168b535-132a-4efe-a076-338f829b2eb9", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-291"}], "source": "7168b535-132a-4efe-a076-338f829b2eb9", "type": "Secondary"}]}

{}

{"created": "2026-02-09T10:39:23.597653+00:00", "updated": "2026-02-09T10:39:23.597678+00:00", "vendors": ["yokogawa", "yokogawa$PRODUCT$fast/tools"]}