Unrated severityNVD Advisory· Published Dec 6, 2014· Updated May 6, 2026

CVE-2014-7251

Description

XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.

Affected products

Yokogawa/Fast\/tools5 versions
cpe:2.3:a:yokogawa:fast\/tools:r9.01:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:yokogawa:fast\/tools:r9.01:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:fast\/tools:r9.02:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:fast\/tools:r9.03:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:fast\/tools:r9.04:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:fast\/tools:r9.05:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.yokogawa.com/dcs/security/ysar/YSAR-14-0004E.pdfnvdVendor Advisory
jvn.jp/en/jp/JVN54775800/index.htmlnvd
jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000141.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/99018nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000