GHSA-mggh-hv8j-r56r

Опубликовано: 09 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 6.3

CVSS3: 5.4

Описание

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product is vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link crafted by an attacker, the user’s account could be compromised.

The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product is vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link crafted by an attacker, the user’s account could be compromised.

The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

Ссылки

EPSS

Процентиль: 6%

0.0002

Низкий

6.3 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

CVE-2025-66595

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-66595

CVSS3: 5.4

nvd

3 месяца назад

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link crafted by an attacker, the user’s account could be compromised. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

BDU:2026-01901

CVSS3: 5.3

fstec

3 месяца назад

Уязвимость SCADA-системы FAST/TOOLS, связанная с подделкой межсайтовых запросов, позволяющая нарушителю осуществить CSRF-атаку

EPSS

Процентиль: 6%

0.0002

Низкий

6.3 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

CVE-2025-66595

Дефекты

CWE-352