Yokogawa FAST/TOOLS and CI Server

Monitor | CVSS 7.5 | ICS-CERT ICSA-26-176-01 | Jun 25, 2026
Yokogawa
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Yokogawa FAST/TOOLS and Collaborative Information Server contain an information disclosure vulnerability in cleartext communication. An attacker without credentials can craft requests that cause the CI Server to return sensitive configuration information over the network. This affects FAST/TOOLS versions R9.01 through R10.04 and CI Server versions R1.01 through R1.04.

What this means
What could happen
An attacker can retrieve sensitive CI Server configuration information over the network without authentication, potentially exposing system settings needed to plan further attacks on your automation infrastructure.
Who's at risk
Operations teams using Yokogawa FAST/TOOLS (versions R9.01–R10.04) or Collaborative Information Server (versions R1.01–R1.04) for process automation, data integration, or distributed control coordination. This includes water treatment plants, power generation, and other process industries relying on Yokogawa automation platforms.
How it could be exploited
An attacker sends a specially crafted network request to an exposed FAST/TOOLS or CI Server instance. The server responds with CI Server configuration details that would normally be restricted. No authentication or special privileges are required.
Prerequisites
  • Network access to FAST/TOOLS or CI Server on its listening port
  • FAST/TOOLS version R9.01 through R10.04, or CI Server version R1.01 through R1.04
Tags: remotely exploitable, no authentication required, low complexity, information disclosure of system configuration
Exploitability
Unlikely to be exploited — EPSS score 0.2%
Affected products (2)
1 with fix, 1 pending

Product                                        Affected Versions     Fix Status
FAST/TOOLS                                     ≥ R9.01, ≤ R10.04     Fix available
Collaborative Information Server (CI Server)   ≥ R1.01, ≤ R1.04      No fix yet
Remediation & Mitigation
Do now
Collaborative Information Server (CI Server): ≥ R1.01, ≤ R1.04
WORKAROUND: Restrict network access to FAST/TOOLS and CI Server to authorized engineering workstations and control network segments only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Collaborative Information Server (CI Server): ≥ R1.01, ≤ R1.04
HOTFIX: Update Collaborative Information Server (CI Server) to version R1.05 or later
All products
HOTFIX: Update FAST/TOOLS to version R10.04 SP4 or later