Summary
ABB became aware of a vulnerability in the product versions listed as affected in this advisory. An update is available that resolves the vulnerability. Successful exploitation may enable an attacker to masquerade as a trusted party when B&R Automation Studio establishes a connection to a server via ANSL over TLS or OPC-UA.
The following versions of ABB B&R Automation Studio are affected:
- Automation Studio versions before 6.5 (CVE-2025-11043); corrected in 6.5
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.4 | ABB | ABB B&R Automation Studio | Improper Certificate Validation |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Switzerland
Vulnerabilities
CVE-2025-11043
An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges.
Affected Products
- Product: ABB B&R Automation Studio
- Vendor: ABB
- Versions: earlier than 6.5 (known affected); 6.5 (fixed)
Remediations
Vendor fix
The problem is corrected in the following product version: B&R Automation Studio 6.5. B&R recommends that customers apply the update at the earliest convenience. The process to install updates, and the steps to identify the installed product version, are described in the user manual.
Mitigation
To exploit this vulnerability, an attacker would need to intercept and redirect the communication between B&R Automation Studio and the target server, and present manipulated certificates that pass the (insufficient) validation checks. B&R recommends operating B&R Automation Studio within Level 2 of the ABB ICS Cyber Security Reference Architecture when connecting to Level 1 devices via ANSL over TLS or OPC-UA. Operating in this trusted environment reduces the risk of successful exploitation drastically. Refer to the section "General security recommendations" for further advice on how to keep your system secure.
Relevant CWE: CWE-295 Improper Certificate Validation
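The failure class behind this advisory, CWE-295, is a TLS client that does not properly validate the certificate the server presents, so an attacker who has redirected the connection can complete the handshake with a certificate of their own. The block below is an added example written for this page to show the weak client configuration beside the hardened one, with an audit function that flags the weak settings. It is not B&R code and says nothing about how Automation Studio's ANSL over TLS or OPC-UA client is implemented; it uses only Python's standard `ssl` module, and every function name in it is the example's own.

```python
"""Weak vs. hardened TLS client configuration for the certificate-validation
failure described by CWE-295, plus an audit function that flags the weak form.

Added example for this advisory: NOT B&R code and NOT a description of how
Automation Studio's ANSL over TLS or OPC-UA client is implemented. Standard
library only; all names here are the example's own.
"""
import socket
import ssl
from typing import List, Optional


def weak_client_context() -> ssl.SSLContext:
    """The anti-pattern: chain validation off and hostname checking off.

    Any certificate, including one minted by an attacker who has redirected
    the connection, is accepted, so the real peer cannot be told from an
    impostor. This is the configuration an audit must catch.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Client context that validates the server certificate properly.

    PROTOCOL_TLS_CLIENT already defaults to CERT_REQUIRED plus hostname
    checking; the settings are made explicit here so a reviewer can see
    them. For an OT network with its own PKI, pass the CA bundle that signs
    the controller certificates (assumed path supplied by the caller)
    instead of trusting the whole OS store.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED          # chain must reach a trusted CA
    ctx.check_hostname = True                    # SAN/CN must match server_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_flags |= ssl.VERIFY_X509_STRICT   # reject malformed leaf certificates
    if cafile:
        ctx.load_verify_locations(cafile=cafile)
    else:
        ctx.load_default_certs()
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the certificate-validation weaknesses present in a context.

    An empty list means chain validation, hostname matching and a modern
    minimum protocol version are all in place.
    """
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: the server's chain is never validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: any valid certificate is accepted, not only the server's")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version permits TLS older than 1.2")
    return findings


def connect_validated(host: str, port: int, ctx: ssl.SSLContext, timeout: float = 5.0) -> dict:
    """Open a validated TLS connection and return the peer certificate.

    Needs a live server, so it is not exercised offline. With the hardened
    context, a presented certificate that does not chain to the trusted CA,
    or whose name does not match `host`, raises ssl.SSLCertVerificationError
    during the handshake, before any application data is exchanged.
    """
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    for name, ctx in (("weak", weak_client_context()), ("hardened", hardened_client_context())):
        print(name, audit_client_context(ctx) or "no findings")
```

Running the block prints two findings for the weak context and none for the hardened one. The same three checks (chain validation required, hostname verified, modern minimum version) are what to confirm, by whatever means the vendor exposes, for any engineering tool that talks ANSL over TLS or OPC-UA to controllers.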
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/RL:O/RC:C |
Acknowledgments
- ABB PSIRT reported this vulnerability to CISA.
Notice
The information in this document is subject to change without notice, and should not be construed as a commitment by B&R. B&R provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall B&R or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if B&R or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from B&R, and the contents he
[…]