Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
Summary
A vulnerability in Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) allows authenticated User Administrators to escalate their privileges, granting them access to any device group at any level. Siemens has released version 5.8 or later to address this issue.
IFF Assessment
This vulnerability allows privilege escalation, enabling unauthorized access to critical infrastructure systems, which is detrimental to defenders.
Severity
The CVSS score of 8.8 reflects a high severity, indicating that an attacker with authenticated access can easily escalate privileges to gain complete control over device groups, impacting confidentiality, integrity, and availability.
Defender Context
This vulnerability highlights the risk of improper privilege assignment in critical infrastructure management systems. Defenders should prioritize patching affected Siemens RUGGEDCOM devices and monitor for any signs of unauthorized privilege escalation.