CVE-2026-11833
View CSAF Summary Successful exploitation of this vulnerability may return a response containing the CI Server setting information. The following versions of Yokogawa FAST/TOOLS and CI Server are affected: FAST/TOOLS >=R9.01|<=R10.04 Collaborative Information Server (CI Server) >=R1.01|<=R1.04 CVSS Vendor Equipment Vulnerabilities v3 7.5 Yokogawa Yokogawa FAST/TOOLS and CI Server Cleartext Transmission of Sensitive Information Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture Countries/Areas Deployed: Worldwide Company Headquarters Location: Japan Vulnerabilities Expand All + CVE-2026-11833 The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks. View CVE Details Affected Products Yokogawa FAST/TOOLS and CI Server Vendor: Yokogawa Product Version: Yokogawa FAST/TOOLS: >=R9.01|<=R10.04, Yokogawa Collaborative Information Server (CI Server): >=R1.01|<=R1.04 Product Status: known_affected Remediations Vendor fix Yokogawa recommends users update FAST/TOOLS up to R10.04 and apply patch software (R10.04 SP4). Mitigation Yokogawa recommends users update Collaborative Information Server (CI Server) up to R1.05. Mitigation For more information and details on implementing these mitigations, users should see the Yokogawa security advisory report YSAR-26-0004 at: https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf Mitigation For questions related to this report, please contact the below. https://contact.yokogawa.com/cs/gw?c-id=000498 Relevant CWE: CWE-319 Cleartext Transmission of Sensitive Information Metrics CVSS Version Base Score Base Severity Vector String 3.1 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.0 8.2 HIGH CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Acknowledgments Yokogawa reported this vulnerability to JPCERT/CC Legal Notice and Terms of Use This product is provided subject t
CSIRTS triage
- What
- A vulnerability may return a response containing sensitive CI Server setting information.
- Who is affected
- Users of Yokogawa FAST/TOOLS and CI Server within the specified versions.
- Urgency
- Critical urgency due to the risk of sensitive information exposure.
- Action
- Update to versions beyond R10.04 for FAST/TOOLS and R1.04 for CI Server.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-11833
Get an email if CVE-2026-11833 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.22% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 12% of all EPSS-scored CVEs.
Advisory coverage (1)
- criticalYokogawa FAST/TOOLS and CI Servercisa · 2026-06-25
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-11833)