ICSA-26-041-01 · Published 2026-02-10 · View on CISA ICS-CERT ↗

Yokogawa FAST/TOOLS

CVSS 8.2 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to redirected users to malicious sites, decrypt communications, perform a man-in-the-middle (MITM) attack, execute malicious scripts, steal files, and perform other various attacks.

CVEs (14)

CVE-2025-66594 CVE-2025-66595 CVE-2025-66597 CVE-2025-66598 CVE-2025-66599 CVE-2025-66600 CVE-2025-66601 CVE-2025-66602 CVE-2025-66603 CVE-2025-66604 CVE-2025-66605 CVE-2025-66606 CVE-2025-66607 CVE-2025-66608

Remediations

Yokogawa recommends users update to revision R10.04 and apply patch software (CS_e12787). After the patch is applied, users should apply R10.04 SP3.
Yokogawa strongly recommends that all users establish and maintain a comprehensive security program, not just for addressing the vulnerability identified in this YSAR. Security program components include patch updates, antivirus software, backup and recovery solutions, zoning, hardening, whitelisting, firewalls, and other related measures. Yokogawa can assist organizations in setting up and continuously maintaining a security program. As a starting point for developing the most effective risk mitigation plan, Yokogawa offers security risk assessment services.
For questions related to this report, please contact Yokogawa https://contact.yokogawa.com/cs/gw?c-id=000498.

Affected Vendors

Yokogawa

Affected Products (1)

Yokogawa · FAST/TOOLS >=R9.01|<=R10.04

Affected Sectors

Critical Manufacturing, Energy, Food and Agriculture

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more