Cross-Site Request Forgery Vulnerability in FAST/TOOLS by Yokogawa Electric Corporation
CVE-2025-66595

6.3MEDIUM

Key Information:

Vendor: Yokogawa Electric Corporation
Status: Fast/tools
Vendor: CVE Published:; 9 February 2026

🔔 Create Yokogawa Electric Corporation Vulnerability Alert

What is CVE-2025-66595?

A vulnerability in FAST/TOOLS from Yokogawa Electric Corporation allows attackers to exploit Cross-Site Request Forgery. By crafting a malicious link, an attacker can compel a user to perform unwanted actions through their authenticated session, potentially compromising their account and sensitive data. This impacts versions R9.01 to R10.04, affecting various packages including RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB. It is essential for users to ensure they are protected against this vulnerability to maintain the integrity of their systems.

Affected Version(s)

FAST/TOOLS R9.01

References

https://web-material3.yokogawa.com/1/39206/files/YSAR-26-...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Dec 5, 2025

CVE-2025-66595 Data

JSON