CISA 2026-05-05

ABB B&R Automation Studio

CVE-2025-11043

Machine-generated analysis · WAYSCloud LLM

The vulnerability allows an attacker to intercept and manipulate data exchanges by exploiting improper certificate validation in the OPC-UA and ANSL over TLS clients.

Context

ABB B&R Automation Studio is an engineering and configuration software for industrial automation systems. The advisory states that an unauthenticated network attacker could position themselves to intercept and interfere with data exchanges. The affected product is used in critical manufacturing sectors worldwide.

Operator considerations

Patch: Upgrade to Automation Studio version 6.5 as recommended by the vendor.
Isolate: Operate within Level 2 of the ABB ICS Cyber Security Reference Architecture when connecting to Level 1 devices.

From Cybersecurity and Infrastructure Security Agency ↗

ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. Successful exploitation of this vulnerability may enable an attacker to masquerade as a trusted party when B&R Automation Studio establishes a connection with a server via the ANSL over TLS or OPC-UA protocol.

The following versions of ABB B&R Automation Studio are affected:

Automation Studio

Read the full advisory on CISA →