Yokogawa FAST/TOOLS, Information Disclosure, CVE-2025-66594 (MEDIUM)

Listen to this Post

A vulnerability classified as CWE-209 exists in Yokogawa’s FAST/TOOLS industrial automation software . The flaw causes the application to generate detailed error messages that inadvertently disclose sensitive information about the system’s internal state, configuration, or environment . This information leakage occurs without requiring any authentication or user interaction, as the attacker can trigger these verbose errors remotely over the network . The exposed data, while not directly compromising the system, provides critical intelligence for reconnaissance . An attacker can leverage this knowledge to map the internal architecture, discover software versions, or identify other potential weaknesses . This makes the vulnerability a significant stepping stone for launching more targeted and severe follow-up attacks against the FAST/TOOLS environment . The affected packages include RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB, spanning versions from R9.01 up to R10.04 .
Platform: Yokogawa FAST/TOOLS
Version: R9.01-R10.04
Vulnerability :Info disclosure via errors
Severity: MEDIUM
date: 09/02/2026

Prediction: Patch expected March 2026

What Undercode Say:

Analytics:

The vulnerability is rooted in the software’s failure to sanitize error output, falling under CWE-209 . Attackers can enumerate application endpoints to provoke specific error conditions. For example, they might send malformed HTTP requests to the HMIWEB package:
curl -i http://target.fasttools.com/broken_endpoint?param=’invalid%20input
Monitoring logs for exposed stack traces or server paths can confirm the leakage:

grep -i -E “(error|exception|stack trace)” /var/log/fasttools/access.log

The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L) confirms the attack is trivial to execute remotely with no privileges required . Security teams should inventory all FAST/TOOLS instances in their OT environment using a discovery script:
for ip in $(cat ot_subnets.txt); do nmap -p 8080 –script http- $ip | grep -i “FAST/TOOLS” -B 4; done

Exploit:

An attacker can send crafted requests to trigger verbose error messages without authentication. By analyzing the responses, they can extract information such as internal file paths, database schema details, or configuration parameters. This reconnaissance data is then used to tailor subsequent attacks, like SQL injection or path traversal, with a higher success rate.

Protection from this CVE:

Mitigation involves applying input validation and implementing custom generic error pages that do not expose system details. Administrators should update to a patched version as soon as Yokogawa releases a security update. In the interim, network segmentation should be strictly enforced to restrict untrusted access to the affected packages (RVSVRN, UNSVRN, HMIWEB, etc.).

Impact:

Successful information disclosure aids attackers in bypassing security measures, leading to potential compromise of industrial processes. This vulnerability increases the risk of targeted ransomware or sabotage in critical manufacturing environments, violating the confidentiality of the OT network and providing a foothold for lateral movement.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top