OTPulse

Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.2

Monitor · 6.6 · SSA-260625 · Mar 14, 2023
Attack Vector: Network
Auth Required: High
Complexity: High
User Interaction: None needed
Summary

Two vulnerabilities in RUGGEDCOM CROSSBOW allow authenticated remote attackers to perform unauthorized actions (CVE-2023-27309) or escalate privileges (CVE-2023-27310). These flaws result from insufficient access control and privilege validation in the device management interface. Siemens has released version 5.2, which addresses both issues.

What this means
What could happen
An authenticated attacker with network access to RUGGEDCOM CROSSBOW could perform unauthorized actions on the device or escalate their privileges to gain full control, potentially disrupting network routing and segmentation in critical infrastructure.
Who's at risk
Utilities and critical infrastructure operators running RUGGEDCOM CROSSBOW industrial managed switches used for network connectivity in substations, plants, and remote field sites. This affects operators who use these devices for mission-critical network segmentation and routing in electrical, water, or other OT environments.
How it could be exploited
An attacker with valid credentials to RUGGEDCOM CROSSBOW could authenticate remotely over the network, exploit authorization bypass or privilege escalation vulnerabilities, and then execute unauthorized commands to reconfigure the device or gain administrative access.
Prerequisites
  • Network access to RUGGEDCOM CROSSBOW management interface
  • Valid authentication credentials (engineering or admin account)
remotely exploitable · authentication required · high complexity attack · affects network segmentation
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
RUGGEDCOM CROSSBOW | < V5.2 | 5.2
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update RUGGEDCOM CROSSBOW to version 5.2 or later
API: /api/v1/advisories/b60317a4-1da1-44a3-a39e-d6415c10917f