CVE-2025-66789

MediumProof-of-Concept

Yokogawa CENTUM VP HMI Cross-Site Scripting

5.4

CVSS v3.1 Base Score

Medium severity — Plan remediation

AV: Network AC: LowAuth: Required

Stored XSS in CENTUM VP HMI web application. Requires authenticated access to inject payloads, but impact spreads to all operators viewing affected pages. In OT context, session hijacking of operator sessions could enable process manipulation. Low immediate risk but part of attack chain in targeted operations.

Status

Proof-of-Concept

Complexity

Low

Auth Required

Yes

Initial Access

CENTUM VP HMI web application (HTTPS/443)

Known Techniques

Stored XSS via alarm comment field injection
JavaScript execution through crafted trend display name

Published:2025-01-05

Modified:2025-01-20

Vendor:Yokogawa

CWE:CWE-79

Cross-site Scripting (XSS)

Risk Summary

Overall RiskMedium

ExploitationProof-of-Concept

DetectionLow coverage

Detection Rate75%

Rules Available1

CVE-2025-66789

Yokogawa CENTUM VP HMI Cross-Site Scripting

CVSS v3.1 Base Score

Executive Summary

Exploitation Context

Technical Vulnerability Breakdown

Full Description

Detection & Rule Intelligence (1 rules)

Rule Effectiveness & Testing Results

OT Risk Assessment

Mitigation & Response Guidance

Recommendations & Tuning Notes

Affected Products

References