PatchSiren cyber security CVE debrief
CVE-2025-66598 Yokogawa CVE debrief
CVE-2025-66598 is a Yokogawa FAST/TOOLS issue in which the product supports old SSL/TLS versions. According to CISA’s advisory, that weakness could allow an attacker to decrypt communications with the web server. CISA and the CVSS vector characterize this as a network-reachable risk with meaningful confidentiality impact, and Yokogawa recommends moving to the fixed release path and applying its patch guidance.
- Vendor
- Yokogawa
- Product
- FAST/TOOLS
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-10
- Original CVE updated
- 2026-02-10
- Advisory published
- 2026-02-10
- Advisory updated
- 2026-02-10
Who should care
Organizations that use Yokogawa FAST/TOOLS, especially in industrial control or OT environments where the web server is used for remote access, monitoring, or administration. Security teams responsible for TLS configuration, patch management, and segmentation should treat this as a priority.
Technical summary
The advisory states that FAST/TOOLS supports old SSL/TLS versions, which can weaken the confidentiality of web-server traffic. The supplied CVSS vector (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N) indicates a network-based attack with low privileges and no user interaction, with high confidentiality impact and limited integrity impact. The source corpus does not describe exploitation in the wild or a weaponized chain; it only identifies the protocol weakness and the vendor’s remediation path.
Defensive priority
High. The issue is rated CVSS 7.1 (HIGH) in the supplied data and affects communications security rather than availability, which can be especially important for OT web interfaces handling sensitive operational data.
Recommended defensive actions
- Apply Yokogawa’s remediation guidance: update to revision R10.04 and apply patch software CS_e12787, then apply R10.04 SP3 after the patch.
- Review TLS/SSL configuration on FAST/TOOLS and disable legacy protocol versions where vendor-supported.
- Restrict network access to the web server with segmentation and firewall rules to reduce exposure.
- Validate that backups, recovery, and monitoring are current before maintenance windows.
- Follow Yokogawa’s broader security-program guidance for patching, hardening, whitelisting, and defense-in-depth measures.
Evidence notes
All material facts in this debrief come from the supplied CISA CSAF advisory record for ICSA-26-041-01 / CVE-2025-66598 and the associated official references listed in the corpus. The key claim is directly stated in the advisory notes: support for old SSL/TLS versions may allow decryption of communications with the web server. The remediation language is taken from Yokogawa’s mitigation entry in the same source item.
Official resources
-
CVE-2025-66598 CVE record
CVE.org
-
CVE-2025-66598 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA’s CSAF advisory for ICSA-26-041-01 was published on 2026-02-10, which is the CVE publication date used here. The source record indicates this was an initial republication of YSAR-26-0001-E.