CVE-2025-24007

Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System (MSS) (All versions) SIRIUS Safety Relays 3SK2 (All versions)

Description: A vulnerability has been identified where affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection against inadvertent operating errors.

Recommendations: For SIRIUS 3RK3 Modular Safety System (MSS), consider changing the password to a stronger one and restricting network access to minimize the risk of exploitation. For SIRIUS Safety Relays 3SK2, consider changing the password to a stronger one and restricting network access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.