CISA warned of a Yokogawa industrial software flaw that could leak configuration data, raising risk for critical-infrastructure operators.
The advisory covers CVE-2026-11833, where the web server may return responses containing CI Server settings information
Affected versions listed: FAST/TOOLSR9.01 through R10.04, and Collaborative Information Server (CI Server)R1.01 through R1.04
The issue is categorized as Cleartext Transmission of Sensitive Information, with the leaked data potentially enabling follow-on attacks
Severity is noted as CVSS v3 `7.5`
CISA flags exposure in critical-infrastructure sectors including Critical Manufacturing, Energy, Food and Agriculture, with deployments described as worldwide
Yokogawa’s remediation guidance: update FAST/TOOLS to R10.04 and apply patch `R10.04 SP4`