These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-66608 affects Yokogawa FAST/TOOLS and is rated HIGH with a CVSS v3.1 score of 7.5. According to the CISA CSAF advisory, the product does not adequately validate URLs, and maliciously crafted requests could allow unauthorized access to files on the web server. The supplied CVSS vector indicates network reachability, no privileges required, no user interaction, and high confidentiality impact. CISA [truncated]
CVE-2025-66607 affects Yokogawa FAST/TOOLS and is described by CISA as an insecure response-header setting that could let an attacker redirect users to malicious sites. The supplied CVSS 3.1 vector rates it low severity with network access and higher attack conditions required, and only integrity impact indicated. Yokogawa’s remediation guidance is to update to R10.04, apply patch software CS_e12787, and [truncated]
CVE-2025-66606 affects Yokogawa FAST/TOOLS and is described by CISA as a URL encoding problem. The advisory says an attacker could tamper with web pages or execute malicious scripts. The published CVSS vector indicates network access, high attack complexity, no privileges required, and user interaction required, with low confidentiality impact and no availability impact. Yokogawa’s recommended fix is to u [truncated]
CVE-2025-66605 is a low-severity disclosure issue in Yokogawa FAST/TOOLS published by CISA as ICSA-26-041-01 on 2026-02-10. The advisory states that input fields on a web page have the autocomplete attribute enabled, which can cause entered content to be saved in the browser being used. The supplied CVSS vector reflects a network-reachable issue that requires user interaction and has limited confidentiality impact.
CVE-2025-66604 is a low-severity information disclosure issue in Yokogawa FAST/TOOLS. The advisory says the library version could be displayed on a web page, which could then be used by an attacker to support other attacks. CISA published the advisory on 2026-02-10 as ICSA-26-041-01.
CVE-2025-66603 is a low-severity issue in Yokogawa FAST/TOOLS where the web server accepts the HTTP OPTIONS method. The advisory says this information could potentially be used to carry out other attacks, so the main concern is reconnaissance and chaining rather than direct impact. Yokogawa’s remediation is to update to R10.04, apply patch software CS_e12787, and then apply R10.04 SP3.
CVE-2025-66602 is a Yokogawa FAST/TOOLS issue published by CISA on 2026-02-10. CISA’s advisory says the web server accepts access by IP address, and that a worm which randomly searches for IP addresses could potentially attack the system. The advisory rates the issue CVSS 5.3 (MEDIUM) with network attack vector and low confidentiality impact.
CVE-2025-66601 affects Yokogawa FAST/TOOLS where the product does not specify MIME types. According to the advisory, if an attacker can trigger content sniffing, malicious scripts could execute. CISA published the advisory on 2026-02-10 as ICSA-26-041-01 and the supplied CVSS v3.1 vector rates the issue 6.5/Medium.
Yokogawa FAST/TOOLS is affected by a missing HTTP Strict Transport Security (HSTS) configuration in its web server. The supplied CISA advisory says a man-in-the-middle attack could allow an attacker to sniff communications. The issue is network-exploitable, scored CVSS 8.2 (HIGH), and should be prioritized for any exposed FAST/TOOLS deployment.
CVE-2025-66599 is an information disclosure issue in Yokogawa FAST/TOOLS where physical paths could be displayed on web pages. CISA notes that the exposed information could be used to support other attacks. The advisory rates the issue Medium with a CVSS 3.1 score of 5.3, reflecting low confidentiality impact and no direct integrity or availability impact.
CVE-2025-66598 is a Yokogawa FAST/TOOLS issue in which the product supports old SSL/TLS versions. According to CISA’s advisory, that weakness could allow an attacker to decrypt communications with the web server. CISA and the CVSS vector characterize this as a network-reachable risk with meaningful confidentiality impact, and Yokogawa recommends moving to the fixed release path and applying its patch guidance.
CVE-2025-66597 affects Yokogawa FAST/TOOLS and is described by CISA as a weakness in cryptographic algorithm use. According to the advisory, the product supports weak cryptographic algorithms, which could allow an attacker to decrypt communications with the web server. CISA assigned the issue a CVSS 3.1 score of 8.2 (HIGH), reflecting a network-reachable issue with meaningful confidentiality impact.
CVE-2025-66595 affects Yokogawa FAST/TOOLS and was publicly republished by CISA on 2026-02-10 as ICSA-26-041-01. The advisory says the product is vulnerable to cross-site request forgery (CSRF) and that a crafted link could compromise a user's account. The supplied CVSS vector rates the issue 5.3/Medium, and the vendor remediation path is to move to R10.04, apply patch software CS_e12787, then apply R10.04 SP3.
CVE-2025-66594 is a medium-severity information disclosure issue in Yokogawa FAST/TOOLS. The advisory says detailed messages are shown on an error page, and that exposed information could be used in other attacks. CISA lists the issue as network exploitable with low confidentiality impact and no integrity or availability impact in the supplied CVSS vector.