Vulnerability in Siemens Sirius 3rk3 Modular Safety System (Mss)
CVE-2025-24007
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). Affected devices only provide weak password obfuscation. An attacker with network access could retriev…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.002 (15.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Siemens Sirius 3rk3 Modular Safety System (Mss) — versions 0
- Siemens Sirius Safety Relays 3sk2 — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-24007?
- CVE-2025-24007 is a high-severity vulnerability in Siemens Sirius 3rk3 Modular Safety System (Mss), classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.5/10. Published 2025-05-13.
- How severe is CVE-2025-24007?
- High severity. CVSS v3 base score is 7.5 out of 10.