Primary

Context

Yokogawa FAST/TOOLS Improper URL Encoding Vulnerability Allowing Web Page Tampering and Script Execution

Vulnerability

Patched

A vulnerability exists in Yokogawa FAST/TOOLS versions R9.01 to R10.04, across several packages including RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB. The issue stems from improper URL encoding, which could enable an attacker to manipulate web pages or execute malicious scripts.

Impact

Exploitation of this vulnerability could lead to Cross-Site Scripting (XSS) attacks, allowing for the execution of malicious scripts in the context of the user's browser.

Remediation

Users are advised to update to FAST/TOOLS R10.04 SP3 and apply the patch software CS_e12787. For assistance, contact your local Yokogawa supporting office.

Added: Feb 9, 2026, 4:19 AM

Updated: Feb 9, 2026, 4:19 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.7

exploitability

5.4

remediation

7.7

relevance

2.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.7

exploitability

5.4

remediation

7.7

relevance

2.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Yokogawa FAST/TOOLS Improper URL Encoding Vulnerability Allowing Web Page Tampering and Script Execution

Vulnerability

Impact

Remediation

Affected Products

Yokogawa FAST/TOOLS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating