PT-2026-7050 · Hmiweb+5 · Hmiweb+5
Published
2026-02-09
·
Updated
2026-03-05
·
CVE-2025-66602
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FAST/TOOLS versions R9.01 through R10.04
Description
The web server component accepts access by IP address, potentially allowing exploitation by worms that randomly search for IP addresses. This could lead to unauthorized access if a worm intrudes into the network. The affected packages are RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB.
Recommendations
FAST/TOOLS versions R9.01 through R10.04 should be updated to a newer, secure version.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fast/Tools
Ftees
Hmimob
Hmiweb
Rvsvrn
Unsvrn