Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-7390
PUBLISHED
More InfoOfficial Page
Assigner-Softing
Assigner Org ID-10de8ef9-5c89-4b17-8228-e97b74acf4bd
View Known Exploited Vulnerability (KEV) details
Published At-21 Aug, 2025 | 06:08
Updated At-21 Aug, 2025 | 13:53
Rejected At-
▼CVE Numbering Authority (CNA)
Bypass the client certificate trust check of an opc.https server while only secure communication is allowed

A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.

Affected Products
Vendor
Softing Industrial Automation GmbH
Product
OPC UA C++ SDK
Collection URL
https://industrial.softing.com/products/opc-ua-and-opc-classic-sdks/opc-ua-c-sdks-for-windows.html
Modules
  • opc.https server
Platforms
  • Windows
  • Linux
  • VxWorks
Default Status
unaffected
Versions
Affected
  • From 6.40 through 6.80 (custom)
    • -> unaffectedfrom6.80.1
Vendor
Softing Industrial Automation GmbH
Product
edgeConnector
Collection URL
https://industrial.softing.com/de/produkte/docker-container/edgeconnector.html
Platforms
  • Linux
Default Status
affected
Versions
Affected
  • From 0 through 2025.03 (custom)
Vendor
Softing Industrial Automation GmbH
Product
edgeAggregator
Collection URL
https://industrial.softing.com/de/produkte/docker-container/edgeaggregator.html
Platforms
  • Linux
Default Status
affected
Versions
Affected
  • From 0 through 2025.03 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-295CWE-295 Improper Certificate Validation
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-115CAPEC-115 Authentication Bypass
Solutions

OPC UA C++ SDK V6.80.1 Service-Patch

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.html
x_html
https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.json
x_json
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found