CVE-2025-66596

EUVD-2025-207177
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.



This product does not
properly validate request headers. When an attacker inserts an invalid host
header, users could be redirected to malicious sites.



The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
yokogawafast\/tools
r9.01 ≤
𝑥
≤ r10.04
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf