Overview:
A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could
be exploited by an attacker for other attacks.
The affected products and versions are as follows:
FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CI Server (All packages) R1.01 to R1.04
<= R10.04 - AFFECTED
<= R1.04 - AFFECTED
Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return...
https://github.com/advisories/GHSA-4852-997v-4274Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks.
The affected products and versions are as follows:
FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CI Server (All packages) R1.01 to R1.04
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-11833",
"assignerOrgId": "7168b535-132a-4efe-a076-338f829b2eb9",
"assignerShortName": "YokogawaGroup",
"dateUpdated": "2026-06-23T00:53:43.698Z",
"dateReserved": "2026-06-09T22:13:24.421Z",
"datePublished": "2026-06-23T00:53:43.698Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "7168b535-132a-4efe-a076-338f829b2eb9",
"shortName": "YokogawaGroup",
"dateUpdated": "2026-06-23T00:53:43.698Z"
},
"datePublic": "2026-06-22T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Overview: \nA vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could \nbe exploited by an attacker for other attacks. \n\nThe affected products and versions are as follows:\n\nFAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04\n\nCI Server (All packages) R1.01 to R1.04",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "Overview: \nA vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could \nbe exploited by an attacker for other attacks. \n\n<div>The affected products and versions are as follows:\n<br>FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04\n<br>CI Server (All packages) R1.01 to R1.04</div>"
}
]
}
],
"affected": [
{
"vendor": "Yokogawa Electric Corporation",
"product": "FAST/TOOLS",
"defaultStatus": "unknown",
"versions": [
{
"version": "R9.01",
"status": "affected",
"versionType": "custom",
"lessThanOrEqual": "R10.04"
}
]
},
{
"vendor": "Yokogawa Electric Corporation",
"product": "CI Server",
"defaultStatus": "unknown",
"versions": [
{
"version": "R1.01",
"status": "affected",
"versionType": "custom",
"lessThanOrEqual": "R1.04"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-319 Cleartext transmission of sensitive information",
"cweId": "CWE-319",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf"
}
],
"metrics": [
{
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
]
}
}
}