Skip to main content

Ruggedcom Crossbow Secure Access Manager Primary Sam P CVE-2026-27668

| EUVDEUVD-2026-22237 HIGH
Incorrect Privilege Assignment (CWE-266)
2026-04-14 siemens
8.7
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
CVSS changed
Apr 14, 2026 - 09:22 NVD
8.8 (HIGH) 8.7 (HIGH)
Analysis Generated
Apr 14, 2026 - 09:12 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 09:00 euvd
EUVD-2026-22237
Analysis Generated
Apr 14, 2026 - 09:00 vuln.today
CVE Published
Apr 14, 2026 - 08:40 nvd
HIGH 8.7

DescriptionCVE.org

A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.

AnalysisAI

Privilege escalation in Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) versions prior to V5.8 allows authenticated User Administrators to escalate their own privileges through improper group administration controls. Authenticated attackers with low-privilege User Administrator credentials can exploit flawed group membership logic to grant themselves unrestricted access to any device group at any access level, achieving full administrative control over critical industrial infrastructure. CVSS 8.8 (High) reflects network-accessible attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis, though the attack path is straightforward for authenticated insiders.

Technical ContextAI

RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) is an industrial network security appliance used in critical infrastructure environments to manage access control for operational technology (OT) devices. The vulnerability stems from CWE-266 (Incorrect Privilege Assignment), where the role-based access control (RBAC) implementation fails to properly restrict User Administrators' permissions when managing groups. The flawed design permits User Administrators to modify group memberships and permissions for groups they belong to, creating a recursive privilege escalation pathway. By manipulating their own group associations, attackers can iteratively assign themselves to higher-privileged device groups, ultimately gaining unrestricted administrative access across the entire managed device infrastructure. This affects all SAM-P deployments running firmware versions before V5.8, representing a critical access control boundary failure in environments where defense-in-depth assumes proper privilege separation between administrative tiers.

RemediationAI

Upgrade all RUGGEDCOM CROSSBOW SAM-P instances to firmware version V5.8 or later, which resolves the improper privilege assignment issue. Siemens has released the patched version addressing CWE-266 access control flaws in the User Administrator role implementation. Download the firmware update and review complete deployment guidance from the official Siemens ProductCERT advisory SSA-741509 at https://cert-portal.siemens.com/productcert/html/ssa-741509.html. As interim mitigations prior to patching, audit all User Administrator accounts to ensure only trusted personnel possess these credentials, implement enhanced monitoring for privilege escalation activities through SAM-P audit logs, review and restrict User Administrator role assignments to minimum necessary personnel, and consider temporary suspension of User Administrator accounts for non-essential users until patching is complete. Organizations should validate group membership assignments after upgrade to ensure no unauthorized privilege escalations occurred during the vulnerable window.

Share

CVE-2026-27668 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy