FAST/TOOLS EUVD-2026-38411

CVE-2026-11833 HIGH
Cleartext Transmission of Sensitive Information (CWE-319)
2026-06-23 YokogawaGroup GHSA-4852-997v-4274
8.2
CVSS 4.0 · Vendor: YokogawaGroup

Severity by source

Vendor (YokogawaGroup) PRIMARY
8.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.9 MEDIUM

Network-reachable web server discloses configuration without auth (PR:N/UI:N); AT:P in 4.0 maps to AC:H in 3.1; confidentiality-only impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (YokogawaGroup).

CVSS Vector (Vendor: YokogawaGroup)

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

CVE Published: Jun 23, 2026 - 02:13 (cve.org)
HIGH 8.2
Analysis Generated: Jun 23, 2026 - 02:12 (vuln.today)

Description (CVE.org)

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks.

The affected products and versions are as follows:

FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CI Server (All packages) R1.01 to R1.04

Analysis (AI)

Information disclosure in Yokogawa FAST/TOOLS (R9.01-R10.04) and CI Server (R1.01-R1.04) allows unauthenticated network attackers to retrieve CI Server configuration data via the embedded web server. The leaked settings can be leveraged as reconnaissance fuel for follow-on attacks against the SCADA/automation environment. …

Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify exposed FAST/TOOLS or CI Server web endpoint
Delivery: Send crafted HTTP request to web server
Exploit: Receive response leaking CI Server settings
Execution: Harvest configuration data for OT recon
Impact: Plan follow-on intrusion into SCADA environment

Vulnerability Assessment (AI)

Exploitation: Network reachability to the affected FAST/TOOLS or CI Server web server is required, and the CVSS 4.0 AT:P flag indicates a specific (vendor-described but not publicly detailed) attack requirement - likely a particular request shape or configuration state - must be present for the leak to occur. …

Risk Assessment: The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N) yields 8.2 and reflects a confidentiality-only impact reachable over the network without authentication or user interaction, though AT:P indicates a specific attack requirement must be met. …

Exploit Scenario: An attacker with network reachability to the FAST/TOOLS or CI Server web interface - for example a foothold on the corporate IT segment that can route into the DMZ-facing HMI - issues a crafted HTTP request and receives a response containing CI Server setting information. The disclosed configuration is then used to map the SCADA topology, identify tag names, service endpoints, or trust relationships that inform a follow-on intrusion deeper into the OT network. …

Remediation: Patch status is not explicitly stated in the supplied data, so consult Yokogawa security advisory YSAR-26-0004-E at https://web-material3.yokogawa.com/1/39777/files/YSAR-26-0004-E.pdf for the vendor-provided fix package and apply it to all FAST/TOOLS R9.01-R10.04 and CI Server R1.01-R1.04 deployments. …

CVE-2025-66603 CRITICAL
9.8 Feb 09

Yokogawa FAST/TOOLS has a second web server vulnerability involving improper cryptographic handling that weakens the sec

CVE-2025-66602 CRITICAL
9.8 Feb 09

Yokogawa FAST/TOOLS SCADA has a vulnerability in its web server component enabling unauthorized access to the industrial

CVE-2025-66606 CRITICAL
9.6 Feb 09

Yokogawa FAST/TOOLS has a third vulnerability involving improper encoding of output that could enable injection attacks

CVE-2025-66608 HIGH
7.5 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly v

CVE-2025-66597 HIGH
7.5 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak crypt

CVE-2025-66598 HIGH
7.5 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TL

CVE-2025-66601 MEDIUM
6.1 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MI

CVE-2025-66595 MEDIUM
5.4 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cr

CVE-2025-66605 MEDIUM
5.3 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on

CVE-2025-66594 MEDIUM
5.3 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed

CVE-2025-66607 MEDIUM
5.3 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an

CVE-2025-66604 MEDIUM
5.3 Feb 09

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be dis
