← Back to home
SIEMENS-SSA-222768  ·  Published 2025-05-13  ·  View on Siemens ProductCERT ↗

SSA-222768 V1.0: Multiple Vulnerabilities in SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems

CVSS N/A MEDIUM

Risk Summary

<p>SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems only provide weak password obfuscation. An attacker with access to the PROFINET or serial interface of the device could eavesdrop or read the stored password from the device and de-obfuscate it. The safety passwords work as protection against unauthorized operation (i.e., protection against inadvertent operating errors) but not as protection against malicious access attempts.</p> <p>Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-222768 V1.0: Multiple Vulnerabilities in SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more