YSAR-26-0004: FAST/TOOLS and CI Server vulnerable to cleartext transmission of sensitive information

HIGH

CVSS 7.5

Date 2026-06-23T21:25:15+00:00

Source yokogawa

Published by Yokogawa

// Description

1 / 2YSAR-26-0004-E Yokogawa Security Advisory Report > All Rights Reserved. Copyright © 2026, Yokogawa Electric Corporation # Yokogawa Security Advisory Report ## YSAR-26-0004 Published on June 23, 2026 Last updated on June 23, 2026 YSAR-26-0004: FAST/TOOLS and CI Server vulnerable to cleartext transmission of sensitive information Overview: A vulnerability has been found in FAST/TOOLS and CI Server. Yokogawa has identified the range of affected products in this report. Pleas

// Vulnerabilities (1)

CVE ID	CVSS Score	Severity	Description
CVE-2026-11833	7.5	high	The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks.

// Remediations (4)

Patch: Yokogawa recommends users update FAST/TOOLS up to R10.04 and apply patch software (R10.04 SP4).

Yokogawa recommends users update FAST/TOOLS up to R10.04 and apply patch software (R10.04 SP4).

Mitigation: For questions related to this report, please contact the below.https://contact.yokogawa.com/cs/gw?c-

For questions related to this report, please contact the below.https://contact.yokogawa.com/cs/gw?c-id=000498

Mitigation: Yokogawa recommends users update Collaborative Information Server (CI Server) up to R1.05.

Yokogawa recommends users update Collaborative Information Server (CI Server) up to R1.05.

Mitigation: For more information and details on implementing these mitigations, users should see the Yokogawa se

For more information and details on implementing these mitigations, users should see the Yokogawa security advisory report YSAR-26-0004 at https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf

// References

Yokogawa YOKOGAWA-YSAR-26-0004-E
Yokogawa https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf