9.1
/ 10
CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Description
An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges.
AI Analysis
Improper Server Certificate Validation vulnerability in B&R Automation Studio
Basic Information
ID
CVE-2025-11043
Source
ABB
Published
Jan 19, 2026 at 15:52
Affected Product
Vendor
B&R Industrial Automation GmbH
Product
B&R Automation Studio
Version
4
Affected Versions
B&R Industrial Automation GmbH B&R Automation Studio 4
B&R Industrial Automation GmbH B&R Automation Studio 6
B&R Industrial Automation GmbH B&R Automation Studio 6
CWE Classification
AI Assessment
AI Score
9.1 / 10
AI Severity
Critical
Vendor
B&R Industrial Automation GmbH
Product
B&R Automation Studio
Version
4, 6