Insecure Response Header Vulnerability in FAST/TOOLS by Yokogawa Electric Corporation
CVE-2025-66607

6.3MEDIUM

Key Information:

Vendor: Yokogawa Electric Corporation
Status: Fast/tools
Vendor: CVE Published:; 9 February 2026

🔔 Create Yokogawa Electric Corporation Vulnerability Alert

What is CVE-2025-66607?

A security vulnerability in FAST/TOOLS, developed by Yokogawa Electric Corporation, allows attackers to exploit an insecure setting in the response header. This weakness could enable malicious actors to redirect users to harmful websites, posing significant risks to user safety and data integrity. The vulnerability affects specific versions of FAST/TOOLS, including Packages RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB, from R9.01 to R10.04.

Affected Version(s)

FAST/TOOLS R9.01

References

https://web-material3.yokogawa.com/1/39206/files/YSAR-26-...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Dec 5, 2025

CVE-2025-66607 Data

JSON