Skip to main content

Ruggedcom Crossbow Secure Access Manager Primary Sam P

1 CVEs product

Monthly

CVE-2026-27668 HIGH CISA This Week

Privilege escalation in Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) versions prior to V5.8 allows authenticated User Administrators to escalate their own privileges through improper group administration controls. Authenticated attackers with low-privilege User Administrator credentials can exploit flawed group membership logic to grant themselves unrestricted access to any device group at any access level, achieving full administrative control over critical industrial infrastructure. CVSS 8.8 (High) reflects network-accessible attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis, though the attack path is straightforward for authenticated insiders.

Privilege Escalation Ruggedcom Crossbow Secure Access Manager Primary Sam P
NVD
CVSS 4.0
8.7
EPSS
0.0%
EPSS 0% CVSS 8.7
HIGH This Week

Privilege escalation in Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) versions prior to V5.8 allows authenticated User Administrators to escalate their own privileges through improper group administration controls. Authenticated attackers with low-privilege User Administrator credentials can exploit flawed group membership logic to grant themselves unrestricted access to any device group at any access level, achieving full administrative control over critical industrial infrastructure. CVSS 8.8 (High) reflects network-accessible attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis, though the attack path is straightforward for authenticated insiders.

Privilege Escalation Ruggedcom Crossbow Secure Access Manager Primary Sam P
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy