PatchSiren cyber security CVE debrief
CVE-2025-66599 Yokogawa CVE debrief
CVE-2025-66599 is an information disclosure issue in Yokogawa FAST/TOOLS where physical paths could be displayed on web pages. CISA notes that the exposed information could be used to support other attacks. The advisory rates the issue Medium with a CVSS 3.1 score of 5.3, reflecting low confidentiality impact and no direct integrity or availability impact.
- Vendor: Yokogawa
- Product: FAST/TOOLS
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-10
- Original CVE updated: 2026-02-10
- Advisory published: 2026-02-10
- Advisory updated: 2026-02-10
Who should care
Organizations running Yokogawa FAST/TOOLS in OT/ICS environments should pay attention, especially asset owners, operators, and integrators that expose the product’s web pages to internal users, remote access paths, or broader enterprise networks. Defenders responsible for patching and web-facing OT services should prioritize verification and remediation.
Technical summary
CISA’s advisory describes a web-facing information exposure in Yokogawa FAST/TOOLS: physical paths can be shown on web pages. The supplied CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) indicates network-reachable, low-complexity exposure with confidentiality impact only. The advisory does not describe code execution or service disruption; the main risk is that the disclosed paths may help an attacker with reconnaissance or follow-on targeting.
Defensive priority
Medium. The severity score is moderate, but exposed system paths in an industrial environment can aid subsequent attacks and should be remediated promptly, especially where the web interface is broadly accessible.
Recommended defensive actions
- Update Yokogawa FAST/TOOLS to revision R10.04 and apply patch software CS_e12787, then apply R10.04 SP3 as recommended by Yokogawa.
- Verify affected deployments no longer display physical paths on web pages after remediation.
- Follow CISA ICS recommended practices and the vendor’s broader defense-in-depth guidance, including patching, hardening, whitelisting, zoning, firewalls, antivirus, and backup/recovery controls.
- If you need help with the remediation path, use Yokogawa’s published support contact for this advisory.
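One way to run the post-remediation check, as an added example that is not part of the CISA advisory or Yokogawa's tooling: scan response bodies saved from your own deployment for absolute filesystem paths. The regex patterns, function names, and sample bodies are constructed assumptions; nothing here reflects real FAST/TOOLS paths or page names.

```python
import html
import re

# Heuristic patterns for absolute filesystem paths (assumptions, not taken from
# the advisory). Extend the Unix roots to match your own install locations.
PATH_PATTERNS = {
    # Drive-letter paths such as C:\dir\file or C:/dir/file; the lookbehind
    # keeps URL schemes like "https://" from matching.
    "windows": re.compile(
        r"(?<![A-Za-z0-9])[A-Za-z]:[\\/]+(?:[\w.$ ()-]+[\\/]+)*[\w.$()-]+"),
    # Absolute Unix paths under common roots; the lookbehind skips URL paths.
    "unix": re.compile(
        r"(?<![\w:/.])/(?:home|opt|usr|var|etc|srv|tmp)/[\w./-]+"),
}

def find_path_leaks(body):
    """Return (kind, path) pairs for each filesystem-style path in a page body."""
    # Decode entities first: a leaked backslash may be served as &#92;.
    text = html.unescape(body)
    hits = []
    for kind, pattern in PATH_PATTERNS.items():
        hits.extend((kind, m.group(0)) for m in pattern.finditer(text))
    return hits

def audit(responses):
    """Map page name -> leaks, omitting pages where nothing was found."""
    report = {}
    for name, body in responses.items():
        leaks = find_path_leaks(body)
        if leaks:
            report[name] = leaks
    return report

# Constructed sample bodies (hypothetical paths), standing in for responses
# captured from your own system before and after applying the vendor fix.
SAMPLE_RESPONSES = {
    "error_before_fix": "<h1>Error</h1><p>Cannot open "
                        "C:\\ExampleApp\\web\\pages\\missing.html</p>",
    "error_entity_encoded": "<p>File not found: "
                            "D:&#92;Example Data&#92;site&#92;cfg.xml</p>",
    "error_after_fix": "<h1>Error</h1><p>The requested page was not found.</p>"
                       "<a href=\"https://example.invalid/help\">Help</a>",
    "unix_style": "<pre>open failed: /opt/exampleapp/www/index.html</pre>",
}

if __name__ == "__main__":
    for page, leaks in audit(SAMPLE_RESPONSES).items():
        for kind, path in leaks:
            print(f"{page}: {kind} path exposed: {path}")
```

Root-relative links such as `href="/usr/..."` will also match the Unix pattern, so review hits before treating them as disclosures.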
Evidence notes
This debrief is based on CISA CSAF advisory ICSA-26-041-01 for Yokogawa FAST/TOOLS, published and modified on 2026-02-10 UTC. The advisory states: “Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks.” The vendor remediation in the source corpus recommends R10.04, patch software CS_e12787, and then R10.04 SP3. The supplied enrichment does not mark this as a KEV item and does not indicate ransomware campaign use.
Official resources
- CVE-2025-66599 CVE record (CVE.org)
- CVE-2025-66599 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Public advisory basis: CISA CSAF ICSA-26-041-01, published/modified 2026-02-10 UTC, republishing YSAR-26-0001-E. This debrief uses the supplied public advisory and official reference links only.