CVE-2025-66599 is a vulnerability categorized under CWE-497 (Exposure of Sensitive Information to an Unauthorized Actor) found in Yokogawa Electric Corporation's FAST/TOOLS software suite, specifically versions R9.01 through R10.04. FAST/TOOLS is an industrial automation and control system platform widely used for supervisory control and data acquisition (SCADA) and human-machine interface (HMI) applications. The vulnerability manifests as the exposure of physical file system paths on web pages generated by the affected FAST/TOOLS components, including RVSVRN, UNSVRN, HMIWEB, FTEES, and HMIMOB packages. This exposure occurs without requiring authentication or user interaction, and can be exploited remotely over the network. The disclosed physical paths can provide attackers with valuable intelligence about the internal directory structure and deployment environment of the system, which can be leveraged to identify further vulnerabilities or misconfigurations for subsequent attacks such as directory traversal, file inclusion, or privilege escalation. The CVSS v4.0 base score is 6.9 (medium severity), reflecting the network attack vector, no required privileges or user interaction, and limited impact confined to confidentiality (information disclosure). No known exploits have been reported in the wild, and no patches have been officially released at the time of this report. The vulnerability highlights the importance of secure information handling in industrial control system web interfaces, where even seemingly minor information leaks can have outsized impact on operational security.

For European organizations, especially those operating critical infrastructure or industrial automation environments, this vulnerability poses a moderate risk. Disclosure of physical paths can facilitate reconnaissance by threat actors, enabling them to map the internal system architecture and identify potential attack vectors. This is particularly concerning for sectors such as energy, manufacturing, utilities, and transportation, where Yokogawa's FAST/TOOLS is commonly deployed. Attackers could use the disclosed information to craft targeted exploits, potentially leading to unauthorized access, data exfiltration, or disruption of industrial processes. Although the vulnerability itself does not allow direct system compromise, it lowers the barrier for more severe attacks. Given the strategic importance of industrial control systems in Europe and the increasing targeting of such environments by cyber adversaries, the impact could extend to operational downtime, safety risks, and economic losses. The lack of authentication and user interaction requirements increases the ease of exploitation, raising the urgency for mitigation in European contexts.

Since no official patches are currently available, European organizations should implement compensating controls to mitigate this vulnerability. First, restrict external access to FAST/TOOLS web interfaces by enforcing network segmentation and firewall rules to limit exposure to trusted internal networks only. Employ web application firewalls (WAFs) to detect and block suspicious requests that might exploit information disclosure. Review and harden web server configurations to prevent leakage of directory paths, such as disabling detailed error messages and directory listings. Conduct thorough security audits and penetration testing focused on the affected FAST/TOOLS components to identify and remediate other potential weaknesses. Monitor network traffic and logs for unusual access patterns or reconnaissance activity targeting these systems. Engage with Yokogawa support channels to obtain updates or patches as they become available, and plan for timely deployment. Additionally, implement strict access controls and multi-factor authentication for administrative interfaces to reduce risk from lateral movement if reconnaissance leads to further exploitation.