PT-2026-3449 · Schneider Electric · Automation Studio
Published
2026-01-19
·
Updated
2026-05-06
·
CVE-2025-11043
CVSS v3.1
7.4
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Automation Studio versions prior to 6.5
Description
An Improper Certificate Validation issue exists in the OPC-UA client and ANSL over TLS client. This could allow an unauthenticated attacker on the network to intercept and interfere with data exchanges.
Recommendations
Update Automation Studio to version 6.5 or later.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Automation Studio