{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27668", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2026-02-23T10:07:00.531Z", "datePublished": "2026-04-14T08:40:45.661Z", "dateUpdated": "2026-04-14T12:58:05.664Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2026-04-14T08:40:45.661Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level."}], "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)", "versions": [{"status": "affected", "version": "0", "lessThan": "V5.8", "versionType": "custom"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}, {"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "baseScore": 8.7, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T12:52:44.294388Z", "id": "CVE-2026-27668", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T12:58:05.664Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27668", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T12:52:44.294388Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T12:58:01.734Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}, {"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)", "versions": [{"status": "affected", "version": "0", "lessThan": "V5.8", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment"}]}], "providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2026-04-14T08:40:45.661Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27668", "state": "PUBLISHED", "dateUpdated": "2026-04-14T12:58:05.664Z", "dateReserved": "2026-02-23T10:07:00.531Z", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "datePublished": "2026-04-14T08:40:45.661Z", "assignerShortName": "siemens"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level."}], "id": "CVE-2026-27668", "lastModified": "2026-04-14T09:16:35.480", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "productcert@siemens.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2026-04-14T09:16:35.480", "references": [{"source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}], "source": "productcert@siemens.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,V5.8)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)", "source": "cna", "vendor": "Siemens"}, "product": "ruggedcom_crossbow_secure_access_manager_primary_(sam-p)", "vendor": "siemens"}], "analysis": {"en": {"generated_at": "2026-04-14T10:50:21.821096+00:00", "value": {"mitigation_remediation": ["Upgrade all SAM\u2011P installations to version 5.8 or later, or apply any vendor\u2011supplied patch addressing this issue.", "Limit the number of User Administrator accounts and enforce least\u2011privilege policies to reduce the risk of accidental or malicious misuse.", "Configure audit logging for group membership changes and regularly review logs to detect unauthorized modifications."], "summary": {"action": "Apply Vendor Update", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM\u2011P) is affected; all releases older than version 5.8 contain the vulnerability.", "description_and_impact": "The flaw permits a User Administrator with valid credentials to alter group memberships for any device group, effectively granting themselves full access to devices at any authorization level. This improper authorization defect enables an authenticated internal user to elevate privileges beyond what their role permits, potentially exposing confidential device data and control interfaces.", "risk_and_exploitability": "The CVSS base score of 8.7 classifies this as a high\u2011severity vulnerability. No EPSS data is available and the flaw is not listed in the CISA KEV catalog. Attackers must possess a User Administrator account; once authenticated, exploitation is straightforward and requires no additional steps beyond modifying group assignments."}}}}, "created": "2026-04-14T16:15:41.517182+00:00", "title": "Privilege Escalation via Improper Group Administration in Siemens RUGGEDCOM Secure Access Manager", "updated": "2026-04-14T16:30:38.530433+00:00", "vendors": ["siemens", "siemens$PRODUCT$ruggedcom_crossbow_secure_access_manager_primary_(sam-p)"]}