Yokogawa: >> Fast/tools Security Vulnerabilities
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
weak cryptographic algorithms, potentially allowing an attacker to decrypt
communications with the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
7.5
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
old SSL/TLS versions, potentially allowing an attacker to decrypt
communications with the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
7.5
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product is
vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link
crafted by an attacker, the user’s account could be compromised.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
5.4
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly validate request headers. When an attacker inserts an invalid host
header, users could be redirected to malicious sites.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Detailed messages are displayed on the error
page. This information could be exploited by an attacker for other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The response header
contains an insecure setting. Users could be redirected to malicious sites by
an attacker.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly validate URLs. An attacker could send specially crafted requests to
steal files from the web server.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
7.5
EPSS Score
0.001
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
specify MIME types. When an attacker performs a content sniffing attack,
malicious scripts could be executed.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
access by IP address. When a worm that randomly searches for IP addresses
intrudes into the network, it could potentially be attacked by the worm.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-09
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The web server accepts
the OPTIONS method. An attacker could potentially use this information to carry
out other attacks.
The
affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to
R10.04
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-09
Page 1