VDB

CVE-2025-24009

CVE-2025-24009 PUBLISHED CVSS 5.900000095367432 MEDIUM

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). The affected devices do not require authentication to access critical resources. An attacker with network access could retrieve sensitive information from certain data records, including obfuscated safety passwords.

EPSS 0.13% · 31.7th percentile

Risk Scores

CVSS v3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.13%
31.7th percentile

Affected Products

VendorProductVersions
SiemensSIRIUS Safety Relays 3SK20
SiemensSIRIUS 3RK3 Modular Safety System (MSS)0

Timeline

  • May 13, 2025 EPSS Score
  • May 13, 2025 CVE Published
  • May 15, 2025 PoC Published
  • May 17, 2025 Coalition ESS Score
  • May 24, 2025 EPSS Score
  • May 30, 2025 Coalition ESS Score
  • Jun 5, 2025 EPSS Score
  • Jun 16, 2025 EPSS Score
  • Jun 28, 2025 EPSS Score
  • Jul 9, 2025 EPSS Score
  • Jul 20, 2025 EPSS Score
  • Aug 1, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›