Authentication Bypass in SIRIUS Safety Relays and Modular Safety System by Siemens
CVE-2025-24009

8.2HIGH

Key Information:

Vendor

Siemens
Status
Sirius 3rk3 Modular Safety System (mss)
Sirius Safety Relays 3sk2
Vendor
CVE Published:
13 May 2025

What is CVE-2025-24009?

A security issue has been discovered in SIRIUS 3RK3 Modular Safety System and SIRIUS Safety Relays 3SK2, where critical resources can be accessed without authentication. This vulnerability allows individuals with network access to retrieve sensitive information, including obfuscated safety passwords, potentially compromising the safety and integrity of industrial systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SIRIUS 3RK3 Modular Safety System (MSS) 0

SIRIUS Safety Relays 3SK2 0

References

https://cert-portal.siemens.com/productcert/html/ssa-2227...

CVSS V4

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.