CVE-2025-24007 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-24007 PUBLISHED CVSS 7.5 HIGH

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). Affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection against inadvertent operating errors.

EPSS 0.17% · 37.7th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.17%

37.7th percentile

Affected Products

Vendor	Product	Versions
Siemens	SIRIUS Safety Relays 3SK2	0
Siemens	SIRIUS 3RK3 Modular Safety System (MSS)	0

Timeline

May 13, 2025 EPSS Score
May 13, 2025 CVE Published
May 13, 2025 PoC Published
May 15, 2025 PoC Published
May 24, 2025 EPSS Score
May 30, 2025 Coalition ESS Score
Jun 4, 2025 EPSS Score
Jun 15, 2025 EPSS Score
Jun 26, 2025 EPSS Score
Jul 6, 2025 EPSS Score
Jul 17, 2025 EPSS Score
Jul 28, 2025 EPSS Score

References

Open in Interactive Console →