CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-11833

criticalcovered by 1 sourcefirst seen 2026-06-25
View CSAF Summary Successful exploitation of this vulnerability may return a response containing the CI Server setting information. The following versions of Yokogawa FAST/TOOLS and CI Server are affected: FAST/TOOLS >=R9.01|<=R10.04 Collaborative Information Server (CI Server) >=R1.01|<=R1.04 CVSS Vendor Equipment Vulnerabilities v3 7.5 Yokogawa Yokogawa FAST/TOOLS and CI Server Cleartext Transmission of Sensitive Information Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture Countries/Areas Deployed: Worldwide Company Headquarters Location: Japan Vulnerabilities Expand All + CVE-2026-11833 The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks. View CVE Details Affected Products Yokogawa FAST/TOOLS and CI Server Vendor: Yokogawa Product Version: Yokogawa FAST/TOOLS: >=R9.01|<=R10.04, Yokogawa Collaborative Information Server (CI Server): >=R1.01|<=R1.04 Product Status: known_affected Remediations Vendor fix Yokogawa recommends users update FAST/TOOLS up to R10.04 and apply patch software (R10.04 SP4). Mitigation Yokogawa recommends users update Collaborative Information Server (CI Server) up to R1.05. Mitigation For more information and details on implementing these mitigations, users should see the Yokogawa security advisory report YSAR-26-0004 at: https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf Mitigation For questions related to this report, please contact the below. https://contact.yokogawa.com/cs/gw?c-id=000498 Relevant CWE: CWE-319 Cleartext Transmission of Sensitive Information Metrics CVSS Version Base Score Base Severity Vector String 3.1 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.0 8.2 HIGH CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Acknowledgments Yokogawa reported this vulnerability to JPCERT/CC Legal Notice and Terms of Use This product is provided subject t

CSIRTS triage

vendor: Yokogawaproduct: FAST/TOOLS and CI ServerInformation disclosureaffected: FAST/TOOLS >=R9.01|<=R10.04; CI Server >=R1.01|<=R1.04
What
A vulnerability may return a response containing sensitive CI Server setting information.
Who is affected
Users of Yokogawa FAST/TOOLS and CI Server within the specified versions.
Urgency
Critical urgency due to the risk of sensitive information exposure.
Action
Update to versions beyond R10.04 for FAST/TOOLS and R1.04 for CI Server.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-11833

Get an email if CVE-2026-11833 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-11833

CVE.org record

Embed the live status

CVE-2026-11833 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-11833 status](https://www.csirts.com/badge/CVE-2026-11833)](https://www.csirts.com/cve/CVE-2026-11833)