PatchSiren

CVE-2025-66601 Yokogawa CVE debrief

CVE-2025-66601 affects Yokogawa FAST/TOOLS, where the product does not specify MIME types. According to the advisory, if an attacker can trigger content sniffing, malicious scripts could execute. CISA published the advisory on 2026-02-10 as ICSA-26-041-01, and the supplied CVSS v3.1 vector rates the issue 6.5/Medium.

Vendor: Yokogawa
Product: FAST/TOOLS
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-10
Original CVE updated: 2026-02-10
Advisory published: 2026-02-10
Advisory updated: 2026-02-10

Who should care

OT and ICS operators running Yokogawa FAST/TOOLS, especially teams that expose the product through browser-based workflows or manage web-facing deployments. Security, patch-management, and network segmentation teams should also review the advisory and remediation steps.

Technical summary

The source advisory states that FAST/TOOLS does not specify MIME types. In a content-sniffing scenario, the client can interpret content in a way that allows malicious scripts to execute. The supplied CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N, which aligns with a network-reachable issue that can affect confidentiality and integrity without impacting availability.
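
The condition described above can be checked from the defender's side by auditing the response headers a web-facing deployment returns. This is an added example, not code from Yokogawa, CISA or PatchSiren: the sample responses are constructed, and the `X-Content-Type-Options: nosniff` check is a general browser hardening header that the advisory does not name.

```python
from email.parser import HeaderParser

# MIME types that browsers treat as "unknown" and sniff (WHATWG MIME Sniffing standard).
UNKNOWN_TYPES = {"unknown/unknown", "application/unknown", "*/*"}
# Status codes whose responses carry no body, so there is nothing to sniff.
BODILESS = {204, 304}


def audit_response(raw_head: str) -> list:
    """Return sniffing-related findings for one raw HTTP response head."""
    status_line, _, header_block = raw_head.strip().partition("\n")
    parts = status_line.split()
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    headers = HeaderParser().parsestr(header_block)
    empty_body = (headers.get("Content-Length") or "").strip() == "0"
    if status in BODILESS or 100 <= status < 200 or empty_body:
        return []
    findings = []
    # Compare only the type/subtype ("essence"), ignoring parameters such as charset.
    essence = (headers.get("Content-Type") or "").split(";")[0].strip().lower()
    if not essence:
        findings.append("missing Content-Type")
    elif essence in UNKNOWN_TYPES:
        findings.append("unknown Content-Type: " + essence)
    if (headers.get("X-Content-Type-Options") or "").strip().lower() != "nosniff":
        findings.append("missing X-Content-Type-Options: nosniff")
    return findings


# Constructed sample response heads (not captured from any real product).
SAMPLES = {
    "declared": "HTTP/1.1 200 OK\nContent-Type: text/html; charset=utf-8\n"
                "X-Content-Type-Options: nosniff\n",
    "no_type": "HTTP/1.1 200 OK\nContent-Length: 512\nServer: example\n",
    "wildcard": "HTTP/1.1 200 OK\nContent-Type: */*\nX-Content-Type-Options: nosniff\n",
    "not_modified": "HTTP/1.1 304 Not Modified\nETag: \"abc\"\n",
}


def audit_all(samples: dict) -> dict:
    """Map each sample name to its findings, keeping only responses that have any."""
    results = {name: audit_response(head) for name, head in samples.items()}
    return {name: found for name, found in results.items() if found}


if __name__ == "__main__":
    for name, found in audit_all(SAMPLES).items():
        print(name, "->", "; ".join(found))
```
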

Defensive priority

Medium. Prioritize remediation for any exposed FAST/TOOLS deployment and any environment where browser handling of served content could be influenced by untrusted input.

Recommended defensive actions

  • Update to revision R10.04 and apply patch software CS_e12787, as Yokogawa recommends.
  • After applying the patch, apply R10.04 SP3.
  • Maintain a comprehensive security program that includes patch updates, antivirus software, backup and recovery solutions, zoning, hardening, whitelisting, and firewalls.
  • Use Yokogawa security risk assessment services or contact Yokogawa for deployment-specific guidance if needed.

Evidence notes

The supplied CSAF record for ICSA-26-041-01 says FAST/TOOLS does not specify MIME types and that malicious scripts could execute during a content sniffing attack. The record was published and modified on 2026-02-10 and includes revision history showing version 1 as the initial republication of YSAR-26-0001-E. The remediation section recommends R10.04, patch software CS_e12787, and then R10.04 SP3. No KEV entry is provided in the supplied corpus.

Official resources

CISA published the advisory for CVE-2025-66601 on 2026-02-10 (ICSA-26-041-01). The provided record shows a single initial revision and does not include any KEV date or due date.