CVE-2026-11833

Summary

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks.

The affected products and versions are as follows:

FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CI Server (All packages) R1.01 to R1.04

Affected Software

VendorProductVersion RangeStatus
Yokogawa Electric CorporationFAST/TOOLSR9.01 <= R10.04affected
Yokogawa Electric CorporationCI ServerR1.01 <= R1.04affected

Weaknesses

  • CWE-319: CWE-319 Cleartext transmission of sensitive information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References