Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)
Plan Patch | CVSS 7.7 | ICS-CERT ICSA-26-111-08 | Apr 14, 2026
Siemens
Attack path
Attack Vector: Network
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary
RUGGEDCOM CROSSBOW Station Access Controller (SAC) versions prior to 5.8 contain a vulnerability allowing authenticated attackers to achieve arbitrary code execution and create denial of service conditions. The vulnerability affects the device's ability to manage network traffic and access control in industrial networks.
What this means
What could happen
An attacker with login credentials could run arbitrary commands on the RUGGEDCOM CROSSBOW SAC, potentially altering network traffic routing, access controls, or station connectivity, or crash the device to interrupt network management functions.
Who's at risk
Operators of Siemens RUGGEDCOM CROSSBOW Station Access Controllers used in utility networks and critical infrastructure, particularly those managing industrial network traffic, access control, or providing redundancy in SCADA and power distribution systems.
How it could be exploited
An attacker must first authenticate to the RUGGEDCOM CROSSBOW SAC using valid credentials, then exploit the vulnerability to execute arbitrary code, giving them full control over the device's operations and the ability to disrupt or manipulate traffic passing through it.
Prerequisites
- Valid login credentials for RUGGEDCOM CROSSBOW SAC
- Network access to the management interface of the device
Remotely exploitable | Requires valid credentials | Moderate complexity attack | Affects network infrastructure
Exploitability
Some exploitation risk — EPSS score 1.0%
Affected products (1)
Product | Affected Versions | Fix Status
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update RUGGEDCOM CROSSBOW SAC to version 5.8 or later
CVEs (1)