Siemens SIRIUS Safety Relays and Modular Safety Systems Authentication Bypass Vulnerability Allowing Sensitive Data Access
Vulnerability
An authentication bypass vulnerability has been identified in Siemens SIRIUS 3RK3 Modular Safety System (MSS) and SIRIUS Safety Relays 3SK2, affecting all versions. The vulnerability allows an attacker with network access to retrieve sensitive information from certain data records, including obfuscated safety passwords. The safety passwords are intended to protect against unauthorized operation but do not safeguard against malicious access attempts.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information, specifically obfuscated safety passwords, which could then be de-obfuscated and used to bypass operational safeguards.
Remediation
Siemens is preparing fixed versions for these products and recommends limiting physical access to affected devices to trusted personnel. Additionally, ensure network isolation of the PROFINET interface to prevent access from unauthorized systems.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.