A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.
Weakness
The product does not validate, or incorrectly validates, a certificate.
Potential Mitigations
References