CVE-2025-7390: CWE-295 Improper Certificate Validation in Softing OPC UA C++ SDK
A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.
AI Analysis
Technical Summary
CVE-2025-7390 is a critical security vulnerability identified in Softing's OPC UA C++ SDK version 6.40. The flaw arises from improper certificate validation (CWE-295) within the OPC UA HTTPS server implementation. Specifically, when the server endpoint is configured to allow only secure communication, a malicious client can bypass the client certificate trust check. This means that the server fails to properly verify the authenticity of client certificates, allowing unauthorized clients to establish a secure connection without valid credentials. OPC UA (Open Platform Communications Unified Architecture) is widely used in industrial automation and critical infrastructure for secure and reliable machine-to-machine communication. The vulnerability has a CVSS v3.1 base score of 9.1, reflecting its critical nature. The attack vector is network-based (AV:N), requires no privileges (PR:N), no user interaction (UI:N), and affects confidentiality and integrity (C:H/I:H) but not availability (A:N). Exploiting this vulnerability could allow attackers to impersonate legitimate clients, gain unauthorized access to sensitive operational data, manipulate control commands, or disrupt trust models within industrial control systems. No patches or fixes are currently published, and no known exploits have been observed in the wild. However, the potential impact on industrial environments is significant due to the critical role of OPC UA in secure communications.
Potential Impact
The impact of CVE-2025-7390 is substantial for organizations relying on Softing's OPC UA C++ SDK for secure communications in industrial automation, manufacturing, energy, and critical infrastructure sectors. Successful exploitation allows attackers to bypass client certificate authentication, leading to unauthorized access to sensitive operational data and control systems. This can result in data confidentiality breaches, unauthorized command execution, and potential manipulation or disruption of industrial processes. Given the criticality of OPC UA in supervisory control and data acquisition (SCADA) systems and other industrial control systems (ICS), this vulnerability could facilitate espionage, sabotage, or operational downtime. The lack of required privileges and user interaction lowers the barrier for exploitation, increasing risk. Organizations worldwide using affected versions may face increased risk of targeted attacks, especially those in sectors where OPC UA is prevalent. The absence of known exploits currently provides a window for proactive mitigation, but the critical CVSS score underscores the urgency of addressing this vulnerability.
Mitigation Recommendations
1. Monitor Softing's official channels closely for the release of security patches addressing CVE-2025-7390 and apply them immediately upon availability.
2. Until patches are available, implement strict network segmentation to isolate OPC UA servers from untrusted networks and clients, limiting exposure.
3. Employ additional certificate validation mechanisms at the network or application layer, such as mutual TLS with external validation or hardware security modules (HSMs) to enforce certificate trust.
4. Conduct thorough audits of OPC UA server configurations to ensure endpoints are correctly set to require and validate client certificates.
5. Use intrusion detection and prevention systems (IDS/IPS) tuned to detect anomalous OPC UA traffic patterns indicative of unauthorized access attempts.
6. Enforce strict access controls and logging on OPC UA servers to monitor and respond to suspicious client connections.
7. Educate operational technology (OT) and security teams about this vulnerability and the importance of certificate validation in OPC UA communications.
8. Consider deploying compensating controls such as VPNs or secure gateways that add an additional layer of authentication and encryption.
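One way to act on the audit and logging recommendations above, as an added example that is not Softing's code or part of the original analysis: reconcile accepted opc.https sessions against the server's trust list and flag any session whose client certificate is missing or not trusted. The log line layout, host name, addresses and certificate bytes are constructed assumptions; adapt the parser to whatever your server actually logs.

```python
import hashlib
import re

# Constructed stand-ins for the DER files in the server's trusted-certificate store.
TRUSTED_DER = [b"constructed-der-hmi-01", b"constructed-der-historian"]

def thumbprint(der: bytes) -> str:
    """SHA-1 over the DER encoding, the form OPC UA certificate thumbprints take."""
    return hashlib.sha1(der).hexdigest().upper()

# Hypothetical log line layout (an assumption, not the SDK's real log format).
LINE = re.compile(
    r"^(?P<ts>\S+) endpoint=(?P<endpoint>\S+) peer=(?P<peer>\S+) "
    r"cert_sha1=(?P<thumb>[0-9A-Fa-f]{40}|-) result=(?P<result>\w+)$"
)

def find_untrusted_sessions(log_lines, trusted_thumbprints):
    """Return (line_no, reason, detail) for accepted opc.https sessions whose
    client certificate is missing or absent from the trust list."""
    trusted = {t.upper() for t in trusted_thumbprints}
    findings = []
    for line_no, raw in enumerate(log_lines, 1):
        m = LINE.match(raw.strip())
        if m is None:
            # Report rather than skip, so a format change cannot hide sessions.
            findings.append((line_no, "unparsed", raw.strip()))
            continue
        if not m["endpoint"].startswith("opc.https://") or m["result"] != "accepted":
            continue
        thumb = m["thumb"].upper()
        if thumb == "-":
            findings.append((line_no, "no-client-cert", m["peer"]))
        elif thumb not in trusted:
            findings.append((line_no, "untrusted-cert", m["peer"]))
    return findings

EP = "endpoint=opc.https://plc-gw.example:4843"
SAMPLE_LOG = [  # constructed sample data
    f"2025-08-21T06:00:01Z {EP} peer=10.0.5.11 cert_sha1={thumbprint(TRUSTED_DER[0])} result=accepted",
    f"2025-08-21T06:00:07Z {EP} peer=10.0.9.77 cert_sha1={thumbprint(b'constructed-der-unknown')} result=accepted",
    f"2025-08-21T06:00:09Z {EP} peer=10.0.9.78 cert_sha1=- result=accepted",
    f"2025-08-21T06:00:12Z {EP} peer=10.0.9.79 cert_sha1={thumbprint(b'constructed-der-other')} result=rejected",
]

if __name__ == "__main__":
    for finding in find_untrusted_sessions(SAMPLE_LOG, map(thumbprint, TRUSTED_DER)):
        print(finding)
```

Any finding on a server running the affected SDK version means a session was accepted that the trust list should have refused, which is the condition this CVE describes.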
Affected Countries
United States, Germany, China, Japan, South Korea, France, United Kingdom, Italy, Canada, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: Softing
- Date Reserved: 2025-07-09T13:09:38.988Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68a6ba0dad5a09ad000c04d7
Added to database: 8/21/2025, 6:17:49 AM
Last enriched: 3/27/2026, 6:24:55 PM
Last updated: 5/10/2026, 2:12:11 PM