CVE-2025-11043
Unknown Unknown - Not Provided
Improper Certificate Validation in Automation Studio OPC-UA Client Enables MITM

Publication date: 2026-01-19

Last updated on: 2026-01-19

Assigner: Asea Brown Boveri Ltd. (ABB)

Description
An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-19
Last Modified
2026-01-19
Generated
2026-06-16
AI Q&A
2026-01-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11043
EUVD
EUVD-2026-3213
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
b&r_automation automation_studio to 6.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-11043 is an Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in B&R Automation Studio versions before 6.5. It allows an unauthenticated attacker on the network to spoof a trusted server by presenting maliciously crafted certificates that pass validation checks. This enables the attacker to intercept and manipulate data exchanges between Automation Studio and the server by redirecting or intercepting network communications. [1]

Impact Analysis

This vulnerability can impact you by allowing an attacker to intercept and interfere with sensitive data exchanges between Automation Studio and its servers. The attacker can manipulate or steal confidential information, compromising the confidentiality and integrity of your data. Since no privileges or user interaction are required, and the attack can be performed remotely over the network, it poses a significant security risk until the software is updated. [1]

Mitigation Strategies

Immediate mitigation steps include updating Automation Studio to version 6.5 or later, which fixes the certificate validation issue in the ANSL over TLS and OPC-UA clients. Additionally, operate Automation Studio within a trusted environment such as ABB ICS Cyber Security Reference Architecture Level 2, isolate automation networks behind firewalls, restrict physical and network access, minimize network exposure, ensure all software and firmware are up to date, scan imported data for malware, and use secure remote access methods like VPNs. [1]

Detection Guidance

The provided resources do not include specific commands or detailed detection methods for identifying this vulnerability on your network or system. However, since the vulnerability involves improper certificate validation in the OPC-UA and ANSL over TLS clients of Automation Studio prior to version 6.5, detection could involve monitoring network traffic for suspicious TLS certificate exchanges or attempts to intercept or spoof server certificates. It is recommended to verify the Automation Studio version in use and ensure it is updated to 6.5 or later to mitigate the vulnerability. For precise detection commands or tools, consult B&R service organizations or ABB cybersecurity resources. [1]

Compliance Impact

The provided resources do not specify how this vulnerability directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11043. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart