Automation Studio Insufficient Server Certificate Validation

Plan Patch | CVSS 7.4 | sa25p004 | Jan 19, 2026
Vendor: ABB B&R Automation
Attack path
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

B&R Automation Studio versions prior to 6.5 do not properly validate server certificates when connecting to remote servers via ANSL over TLS or OPC-UA protocols. An attacker on the network can impersonate a trusted server, allowing credential theft, command injection, or configuration tampering.

What this means
What could happen
An attacker on the network could intercept communication between Automation Studio and a server, posing as a legitimate server to steal credentials, manipulate engineering commands, or modify device configurations sent to connected PLCs or RTUs.
Who's at risk
Engineering teams and integration personnel who use B&R Automation Studio to configure, program, or connect to B&R Automation PLCs, RTUs, and related controllers. This affects automotive suppliers, machinery manufacturers, and food/beverage producers who rely on B&R industrial automation equipment.
How it could be exploited
An attacker performs a man-in-the-middle attack on the network segment where Automation Studio connects to servers. When Automation Studio initiates a connection using ANSL over TLS or OPC-UA protocol, the attacker intercepts it and presents a fraudulent server certificate. Because the software does not properly validate the certificate, the connection is accepted and the attacker can eavesdrop or inject commands.
Prerequisites
  • Network access to intercept traffic between Automation Studio and remote servers
  • Ability to position a device between the engineering workstation and the server (ARP spoofing, DNS hijacking, or network access point control)
  • Target uses ANSL over TLS or OPC-UA protocols to connect to servers
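As an added illustration (not code from the advisory or from B&R), this Go program shows the flaw class at the TLS layer: a client with certificate validation disabled completes a handshake with a server whose certificate nothing vouches for, while a validating client refuses it unless the genuine certificate is provisioned and the host name matches. It uses Go's httptest test certificate as a stand-in for an impostor's self-signed certificate; "plc.example.internal" is a placeholder name.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// handshakeSucceeds dials addr with clientCfg and reports whether the TLS handshake
// completes, i.e. whether this client configuration trusted the server it was shown.
func handshakeSucceeds(addr string, clientCfg *tls.Config) bool {
	conn, err := tls.Dial("tcp", addr, clientCfg)
	if err != nil {
		return false // client refused the server certificate (the server logs the refusal to stderr)
	}
	conn.Close()
	return true
}

// CheckValidation stands up a local TLS server presenting a self-signed certificate, which is what a
// client sees when a network impostor answers in place of the real server, and tries four client
// configurations against it. A correctly validating client gives false, false, true for the last three.
func CheckValidation() (vulnerableAccepts, unknownRootAccepts, wrongHostAccepts, genuineAccepts bool) {
	srv := httptest.NewTLSServer(http.NotFoundHandler()) // httptest's built-in self-signed test certificate
	defer srv.Close()
	addr := srv.Listener.Addr().String()

	// Vulnerable: validation disabled, so any certificate, including an impostor's, is accepted.
	vulnerable := &tls.Config{InsecureSkipVerify: true}
	// Hardened, impostor case: the trust store holds nothing that vouches for this server.
	noAnchor := &tls.Config{RootCAs: x509.NewCertPool(), MinVersion: tls.VersionTLS12}
	// Hardened, genuine case: the server's real certificate was provisioned as a trust anchor.
	trusted := x509.NewCertPool()
	trusted.AddCert(srv.Certificate())
	genuine := &tls.Config{RootCAs: trusted, MinVersion: tls.VersionTLS12}
	// Hardened, wrong-host case: a trusted certificate issued for another name is still refused.
	// "plc.example.internal" is a placeholder; httptest's certificate is issued for example.com and 127.0.0.1.
	wrongHost := &tls.Config{RootCAs: trusted, ServerName: "plc.example.internal", MinVersion: tls.VersionTLS12}

	return handshakeSucceeds(addr, vulnerable), handshakeSucceeds(addr, noAnchor),
		handshakeSucceeds(addr, wrongHost), handshakeSucceeds(addr, genuine)
}

func main() {
	fmt.Println(CheckValidation()) // true false false true
}
```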
  • remotely exploitable
  • no authentication required
  • affects OT engineering tools used to configure control devices
  • network-based attack requires positioning (medium complexity)
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (1)
Product            Affected Versions   Fix Status
Automation Studio  <6.5                6.5
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Hotfix: Update Automation Studio to version 6.5 or later