Authorization Bypass Vulnerability in RUGGEDCOM CROSSBOW by Siemens

CVE-2023-27310

What is CVE-2023-27310?

An authorization bypass vulnerability exists in RUGGEDCOM CROSSBOW due to inadequate permission checks in the client query handler. This flaw allows an authenticated remote attacker to assign administrative privileges to non-privileged user accounts, potentially compromising network security. Organizations using affected versions should implement immediate security measures to mitigate risk.

References