CVE-2026-27668
Privilege Escalation in RUGGEDCOM SAM-P via Group Access Misconfiguration
Publication date: 2026-04-14
Last updated on: 2026-04-14
Assigner: Siemens AG
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | ruggedcom_crossbow_secure_access_manager_primary | all versions before 5.8 (5.8 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability CVE-2026-27668 affects Siemens' RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) versions prior to V5.8.
It is a privilege escalation flaw: authenticated User Administrators, who are permitted to administer the groups they belong to, can grant themselves access to any device group at any access level.
A User Administrator can therefore raise their own permissions beyond what the role is meant to allow, potentially gaining full control over device groups.
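The weakness class here (CWE-266, incorrect privilege assignment) is a role check that never asks what the role is scoped to. The following Python model is an added illustration written for this page; it is not SAM-P source and makes no claim about how RUGGEDCOM CROSSBOW implements group administration. Every name in it (AccessLevel, User, grant_vulnerable, grant_hardened, audit_grant_log, the group names and the log format) is invented for the example. It places a scope-blind grant function beside a scope-bound one, runs the same self-grant attempt against both, and includes a small audit routine that flags self-grants and out-of-scope grants in constructed log records of the kind a defender would want to review after patching.

```python
"""Hypothetical model of the CWE-266 pattern behind CVE-2026-27668.

Illustrative code only: not SAM-P source, and not a description of how
RUGGEDCOM CROSSBOW implements group administration. All identifiers are
invented for this example.
"""
from dataclasses import dataclass, field
from enum import IntEnum


class AccessLevel(IntEnum):
    VIEWER = 1
    OPERATOR = 2
    ADMIN = 3


@dataclass
class User:
    name: str
    is_user_admin: bool = False
    # device group name -> access level this user holds in that group
    memberships: dict = field(default_factory=dict)


class AuthorizationError(Exception):
    """Raised when a grant lies outside the actor's delegated scope."""


def grant_vulnerable(actor: User, target: User, group: str, level: AccessLevel) -> None:
    """Weak check: verifies only the role, never the scope of the role.

    A User Administrator can add anyone, including themselves, to any
    device group at any access level. This is the CWE-266 pattern.
    """
    if not actor.is_user_admin:
        raise AuthorizationError(f"{actor.name} is not a User Administrator")
    target.memberships[group] = level


def grant_hardened(actor: User, target: User, group: str, level: AccessLevel) -> None:
    """Scope-bound check: role, group scope, level ceiling, and no self-grant."""
    if not actor.is_user_admin:
        raise AuthorizationError(f"{actor.name} is not a User Administrator")
    # Administrators may only touch groups they already belong to.
    if group not in actor.memberships:
        raise AuthorizationError(f"{actor.name} does not administer {group}")
    # Nobody may hand out a level above the one they hold themselves.
    if level > actor.memberships[group]:
        raise AuthorizationError(f"{level.name} exceeds {actor.name}'s level in {group}")
    # Changing one's own memberships is a separate, higher-privilege action.
    if actor is target:
        raise AuthorizationError("self-grant is not permitted")
    target.memberships[group] = level


def escalation_possible(grant) -> bool:
    """Simulate a User Administrator giving themselves ADMIN on a device group
    they were never a member of. Returns True if the grant function allows it."""
    admin = User("alice", is_user_admin=True,
                 memberships={"substation-east": AccessLevel.OPERATOR})
    try:
        grant(admin, admin, "substation-west", AccessLevel.ADMIN)
    except AuthorizationError:
        return False
    return admin.memberships.get("substation-west") == AccessLevel.ADMIN


# Constructed sample of group-grant audit events (invented format, not a
# real SAM-P log). actor_groups is the actor's membership at event time.
SAMPLE_LOG = [
    {"actor": "alice", "target": "bob", "group": "substation-east",
     "level": "VIEWER", "actor_groups": ["substation-east"]},
    {"actor": "alice", "target": "alice", "group": "substation-west",
     "level": "ADMIN", "actor_groups": ["substation-east"]},
]


def audit_grant_log(entries) -> list:
    """Flag grant events where the actor granted to themselves or to a group
    outside their own membership. Returns (actor, group, reasons) tuples."""
    findings = []
    for e in entries:
        reasons = []
        if e["actor"] == e["target"]:
            reasons.append("self-grant")
        if e["group"] not in e["actor_groups"]:
            reasons.append("out-of-scope group")
        if reasons:
            findings.append((e["actor"], e["group"], ", ".join(reasons)))
    return findings


if __name__ == "__main__":
    print("scope-blind check allows self-escalation:", escalation_possible(grant_vulnerable))
    print("scope-bound check allows self-escalation:", escalation_possible(grant_hardened))
    for finding in audit_grant_log(SAMPLE_LOG):
        print("audit finding:", finding)
```

The three extra conditions in grant_hardened are independent design choices: the group-scope check is the one that matches the advisory's description of the flaw, the level ceiling stops a scoped administrator from promoting others above themselves, and the self-grant refusal moves changes to an administrator's own memberships to a separate approval path. The audit routine is the retrospective counterpart: after upgrading to 5.8, reviewing historical grant events for self-grants and out-of-scope grants is how a defender finds whether the weakness was already used.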
How can this vulnerability impact me?
This vulnerability can have a significant impact by allowing an authenticated User Administrator to escalate their privileges and gain unauthorized access to any device group at any access level.
Such unauthorized access could lead to full control over critical devices managed by the RUGGEDCOM CROSSBOW system, potentially compromising the security and integrity of the network.
The vulnerability has a high severity rating with a CVSS v3.1 base score of 8.8, indicating a serious risk.
Siemens recommends updating to version 5.8 or later and protecting network access with appropriate security mechanisms to mitigate this risk.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2026-27668 vulnerability, Siemens recommends updating affected installations of RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) to version 5.8 or later.
Additionally, general security measures include protecting network access to devices with appropriate mechanisms and configuring the operational environment according to Siemens' Industrial Security guidelines.
Further product-specific mitigations are detailed in the Siemens advisory.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) is designed to provide NERC CIP compliant access to Intelligent Electronic Devices. This vulnerability allows authenticated User Administrators to escalate their privileges and gain unauthorized access to any device group, which could undermine the security controls required for compliance with standards like NERC CIP.
While the advisory specifically mentions NERC CIP compliance, it does not explicitly address impacts on other common standards and regulations such as GDPR or HIPAA. However, privilege escalation vulnerabilities that allow unauthorized access generally pose risks to compliance with data protection and security regulations by potentially exposing sensitive data or critical infrastructure.