CVE-2025-24009

Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System (MSS) (All versions) SIRIUS Safety Relays 3SK2 (All versions)

Description: A vulnerability has been identified where the affected devices do not require authentication to access critical resources. An attacker with network access could retrieve sensitive information from certain data records, including obfuscated safety passwords.

Recommendations: For SIRIUS 3RK3 Modular Safety System (MSS) (All versions), restrict access to critical resources to minimize the risk of exploitation. For SIRIUS Safety Relays 3SK2 (All versions), restrict access to critical resources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.