PatchSiren cyber security CVE debrief
CVE-2025-66597 Yokogawa CVE debrief
CVE-2025-66597 affects Yokogawa FAST/TOOLS and is described by CISA as a weakness in cryptographic algorithm use. According to the advisory, the product supports weak cryptographic algorithms, which could allow an attacker to decrypt communications with the web server. CISA assigned the issue a CVSS 3.1 score of 8.2 (HIGH), reflecting a network-reachable issue with meaningful confidentiality impact.
- Vendor
- Yokogawa
- Product
- FAST/TOOLS
- CVSS
- HIGH 8.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-10
- Original CVE updated
- 2026-02-10
- Advisory published
- 2026-02-10
- Advisory updated
- 2026-02-10
Who should care
OT/ICS operators, Yokogawa FAST/TOOLS administrators, security teams managing industrial web interfaces, and organizations that rely on FAST/TOOLS for remote monitoring or control should review this advisory and confirm whether the affected product is deployed.
Technical summary
The CISA CSAF advisory states that Yokogawa FAST/TOOLS supports weak cryptographic algorithms, creating the possibility that communications with the web server could be decrypted by an attacker. The published CVSS vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N, indicating a network-exploitable issue with high confidentiality impact and limited integrity impact. The advisory does not provide exploit details, and this debrief does not assume any specific attack path beyond the published description.
Defensive priority
High. The issue is remotely reachable in principle, has a high CVSS score, and may expose sensitive web-server traffic. Organizations with exposed FAST/TOOLS services should prioritize patching and exposure review.
Recommended defensive actions
- Update Yokogawa FAST/TOOLS to revision R10.04 and apply patch software CS_e12787, then apply R10.04 SP3 as directed by Yokogawa.
- Confirm whether FAST/TOOLS web communications are exposed to untrusted networks and restrict access where possible.
- Review cryptographic and TLS settings used by the web server to ensure only strong, approved algorithms are enabled, consistent with vendor guidance.
- Apply layered OT defensive controls such as network segmentation, hardening, whitelisting, firewalls, and monitoring, as recommended in the advisory.
- Validate backups, recovery procedures, and patch-management processes before and after remediation.
- Contact Yokogawa through the vendor contact path in the advisory if deployment-specific questions remain.
Evidence notes
All substantive claims here are taken from the supplied CISA CSAF source item for ICSA-26-041-01 and its listed remediation text. The advisory published on 2026-02-10 and attributes the issue to weak cryptographic algorithms in Yokogawa FAST/TOOLS. The CVSS vector and score were supplied in the source corpus and indicate network attackability with high confidentiality impact.
Official resources
-
CVE-2025-66597 CVE record
CVE.org
-
CVE-2025-66597 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA published the CSAF advisory for CVE-2025-66597 on 2026-02-10 as ICSA-26-041-01, with an initial revision noted as a republication of YSAR-26-0001-E. No KEV listing is indicated in the supplied source corpus.