CVE-2026-27668
Received Received - Intake
Privilege Escalation in RUGGEDCOM SAM-P via Group Access Misconfiguration

Publication date: 2026-04-14

Last updated on: 2026-04-14

Assigner: Siemens AG

Description
A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-14
Last Modified
2026-04-14
Generated
2026-06-16
AI Q&A
2026-04-14
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27668
EUVD
EUVD-2026-22237
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
siemens ruggedcom_crossbow_secure_access_manager_primary to 5.8 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability CVE-2026-27668 affects Siemens' RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) versions prior to V5.8.

It is a privilege escalation flaw where authenticated User Administrators, who are allowed to administer groups they belong to, can exploit this to escalate their privileges by granting themselves access to any device group at any access level.

This means a User Administrator can increase their permissions beyond what they are normally allowed, potentially gaining full control over device groups.

Impact Analysis

This vulnerability can have a significant impact by allowing an authenticated User Administrator to escalate their privileges and gain unauthorized access to any device group at any access level.

Such unauthorized access could lead to full control over critical devices managed by the RUGGEDCOM CROSSBOW system, potentially compromising the security and integrity of the network.

The vulnerability has a high severity rating with a CVSS v3.1 base score of 8.8, indicating a serious risk.

Siemens recommends updating to version 5.8 or later and protecting network access with appropriate security mechanisms to mitigate this risk.

Mitigation Strategies

To mitigate the CVE-2026-27668 vulnerability, Siemens recommends updating affected installations of RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) to version 5.8 or later.

Additionally, general security measures include protecting network access to devices with appropriate mechanisms and configuring the operational environment according to Siemens' Industrial Security guidelines.

Further product-specific mitigations are detailed in the Siemens advisory.

Compliance Impact

The RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) is designed to provide NERC CIP compliant access to Intelligent Electronic Devices. This vulnerability allows authenticated User Administrators to escalate their privileges and gain unauthorized access to any device group, which could undermine the security controls required for compliance with standards like NERC CIP.

While the advisory specifically mentions NERC CIP compliance, it does not explicitly address impacts on other common standards and regulations such as GDPR or HIPAA. However, privilege escalation vulnerabilities that allow unauthorized access generally pose risks to compliance with data protection and security regulations by potentially exposing sensitive data or critical infrastructure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27668. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart