CVE-2025-7390 Bypass the client certificate trust check of an opc.https server while only secure communication is allowed

Published on 2025-08-14

A malicious client can bypass the client certificate trust check of an opc.https server (OPC UA over HTTPS) built on the affected Softing OPC UA C++ SDK when the server endpoint is configured to allow only secure communication: a client certificate that is not in the server's trust list is accepted where it should be rejected.

Problem:

CWE-295 Improper Certificate Validation

Impact:

CAPEC-115 Authentication Bypass
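The advisory does not say how the trust check in the Softing SDK could be bypassed, so the following added example (written for this page, not Softing's code) only shows the general CWE-295 shape in Go's crypto/x509: an endpoint that insists on a secure transport but never verifies the presented client certificate against its trust list, beside the fail-closed check a secure-only endpoint must perform. The trust list is modelled as a pool of directly trusted self-signed certificates, which is how OPC UA application instance certificates are usually trusted. The function names (weakClientCheck, strictClientCheck) and the generated certificates are assumptions for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// newSelfSigned builds a self-signed certificate in the shape of an OPC UA
// application instance certificate. Constructed test data, not a real cert.
func newSelfSigned(cn string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// weakClientCheck is the CWE-295 pattern (hypothetical, for illustration):
// the endpoint only allows secure communication, but a presented client
// certificate is merely parsed and checked for expiry. It is never compared
// against the trust list, so any well-formed certificate (or none) is accepted.
func weakClientCheck(trusted *x509.CertPool, presented *x509.Certificate) error {
	if presented == nil {
		return nil // "secure transport" wrongly taken as sufficient
	}
	if time.Now().After(presented.NotAfter) {
		return errors.New("client certificate expired")
	}
	return nil // trust list ignored: this is the bypass
}

// strictClientCheck fails closed: a certificate must be presented, must chain
// to (or be) an entry in the trust list, must be within its validity period,
// and must carry the client-authentication key usage.
func strictClientCheck(trusted *x509.CertPool, presented *x509.Certificate) error {
	if presented == nil {
		return errors.New("no client certificate presented")
	}
	opts := x509.VerifyOptions{
		Roots:     trusted,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if _, err := presented.Verify(opts); err != nil {
		return fmt.Errorf("client certificate not trusted: %w", err)
	}
	return nil
}

// BuildTrustList returns a pool holding only the given certificates.
func BuildTrustList(certs ...*x509.Certificate) *x509.CertPool {
	pool := x509.NewCertPool()
	for _, c := range certs {
		pool.AddCert(c)
	}
	return pool
}

func main() {
	trustedClient, _ := newSelfSigned("trusted-client")
	rogueClient, _ := newSelfSigned("rogue-client")
	trust := BuildTrustList(trustedClient)

	fmt.Println("weak, rogue cert  :", weakClientCheck(trust, rogueClient))   // nil: bypassed
	fmt.Println("strict, rogue cert:", strictClientCheck(trust, rogueClient)) // error
	fmt.Println("strict, trusted   :", strictClientCheck(trust, trustedClient)) // nil
	fmt.Println("strict, no cert   :", strictClientCheck(trust, nil))          // error
}
```

The point to check on any secure-only OPC UA endpoint is the third and fourth case combined: a certificate absent from the trust list (and a missing certificate) must both be rejected, regardless of whether the transport itself is encrypted.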

Product Status:

Product: Softing Industrial Automation GmbH OPC UA C++ SDK » opc.https server on Windows, Linux, VxWorks
Default status: unaffected
Affected: from 6.40 through 6.80 (unaffected from 6.80.1)

Product: Softing Industrial Automation GmbH edgeConnector on Linux
Default status: affected
Affected: through 2025.03

Product: Softing Industrial Automation GmbH edgeAggregator on Linux
Default status: affected
Affected: through 2025.03

Solution:

OPC UA C++ SDK V6.80.1 Service-Patch

References

industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.html (HTML advisory)
industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.json (CVE JSON record)