CVE-2025-11043

Critical CVSS: 9.1

An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges.

Vendor

Product

CWE

CWE-295

Yayın Tarihi

2026-01-19 16:15:52

Güncelleme

2026-01-26 15:05:39

Source Identifier

cybersecurity@ch.abb.com

KEV Date Added

Kategoriler

CWE-295 CRITICAL 2026

Referanslar

https://www.br-automation.com/fileadmin/SA25P004-4f45197f.pdf