CVE-2025-11696 – Studio 5000 ® Simulation Interface SSRF

CVE ID : CVE-2025-11696

Published : Nov. 11, 2025, 2:15 p.m. | 1 hour, 16 minutes ago

Description : A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.

Severity: 8.9 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…