CISA flags Yokogawa CVE-2026-11833 cleartext flaw
OT teams should treat this as network exposure and version validation work before scheduling Yokogawa patch windows.
TL;DR
CISA published ICSA-26-176-01 for CVE-2026-11833, a CVSS 3.1 7.5 cleartext transmission flaw in Yokogawa FAST/TOOLS R9.01 through R10.04 and Collaborative Information Server R1.01 through R1.04. Critical manufacturing, energy, and food and agriculture operators should check exposure and plan separate remediation tracks: FAST/TOOLS R10.04 SP4 and CI Server R1.05. CISA says it has no reports of public exploitation targeting the flaw.
CISA’s advisory is a straightforward OT vulnerability notice with one practical wrinkle: the affected Yokogawa products do not share the same remediation path. The flaw can cause the web server to return CI Server setting information, which CISA says could be used by an attacker for other attacks. Operators running Yokogawa FAST/TOOLS R9.01 through R10.04 or Collaborative Information Server R1.01 through R1.04 should validate network exposure, confirm whether those versions are present in critical manufacturing, energy, or food and agriculture environments, and map patch windows against Yokogawa’s guidance. FAST/TOOLS users are directed to R10.04 with SP4; CI Server users are directed to R1.05.
Published ·Deep Fathom