Critical severity9.1NVD Advisory· Published Aug 21, 2025· Updated Apr 15, 2026

CVE-2025-7390

Description

A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.htmlnvd
industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.jsonnvd

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000