{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/br-automation-studio-6.5/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.4,"id":"CVE-2025-11043"}],"_cs_exploited":false,"_cs_products":["B\u0026R Automation Studio \u003c6.5"],"_cs_severities":["medium"],"_cs_tags":["ics","certificate validation","man-in-the-middle"],"_cs_type":"advisory","_cs_vendors":["ABB"],"content_html":"\u003cp\u003eABB B\u0026amp;R Automation Studio versions prior to 6.5 contain an improper certificate validation vulnerability in the OPC-UA client and ANSL over TLS client implementations. This flaw, identified as CVE-2025-11043, could enable an unauthenticated attacker with network access to intercept and manipulate data exchanges between Automation Studio and a server.  The vulnerability was discovered by ABB as part of their internal security analysis. Exploitation could allow an attacker to masquerade as a trusted party. ABB recommends upgrading to version 6.5, which addresses this vulnerability, and operating B\u0026amp;R Automation Studio within Level 2 of the ABB ICS Cyber Security Reference Architecture to mitigate the risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains network access to the targeted system, either through direct connection, misconfigured firewalls, or malware infection.\u003c/li\u003e\n\u003cli\u003eAttacker intercepts network traffic between the B\u0026amp;R Automation Studio client and the OPC-UA or ANSL over TLS server.\u003c/li\u003e\n\u003cli\u003eAttacker redirects the communication to a compromised node under their control, manipulating network routing or name resolution.\u003c/li\u003e\n\u003cli\u003eAttacker generates a maliciously crafted server certificate.\u003c/li\u003e\n\u003cli\u003eThe attacker presents the malicious certificate to the B\u0026amp;R Automation Studio client during the TLS handshake.\u003c/li\u003e\n\u003cli\u003eDue to the improper certificate validation, the B\u0026amp;R Automation Studio client accepts the malicious certificate.\u003c/li\u003e\n\u003cli\u003eAttacker intercepts and modifies data exchanged between the client and the legitimate server.\u003c/li\u003e\n\u003cli\u003eThe attacker gains the ability to spoof a trusted server, potentially leading to the disclosure of confidential information or alteration of data in transit.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-11043 allows an attacker to perform man-in-the-middle attacks, potentially leading to the disclosure of sensitive data or the manipulation of control system processes.  The vulnerability affects ABB B\u0026amp;R Automation Studio users in critical manufacturing and other sectors worldwide. Without proper patching and network segmentation, attackers can gain unauthorized access to ICS communications.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ABB B\u0026amp;R Automation Studio version 6.5, which addresses CVE-2025-11043.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to minimize network exposure for control system devices, as recommended by CISA.\u003c/li\u003e\n\u003cli\u003eOperate B\u0026amp;R Automation Studio within Level 2 of the ABB ICS Cyber Security Reference Architecture to reduce the risk of successful exploitation.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unexpected redirections or connections to untrusted servers using network connection logs.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-05T12:00:00Z","date_published":"2026-05-05T12:00:00Z","id":"/briefs/2026-05-abb-automation-studio-vuln/","summary":"ABB B\u0026R Automation Studio versions before 6.5 are vulnerable to improper certificate validation (CVE-2025-11043), potentially allowing an unauthenticated attacker to intercept and interfere with data exchanges, necessitating patching and secure network configurations.","title":"ABB B\u0026R Automation Studio Improper Certificate Validation Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-abb-automation-studio-vuln/"}],"language":"en","title":"CraftedSignal Threat Feed — B\u0026R Automation Studio \u003c6.5","version":"https://jsonfeed.org/version/1.1"}