Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.5
Glory RBG-100 Systems Expose Root Access to Unauthorized Users
CVE-2026-23648
Summary
The ISPK-08 software on some Glory RBG-100 recyclers has weak file permissions, allowing a local attacker to replace or modify critical system files and gain root access. This means an unauthorized person with access to the machine can gain complete control. To protect your system, update the ISPK-08 software to the latest version as soon as possible.
Original title
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable...
Original description
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation.
nvd CVSS3.1
7.8
nvd CVSS4.0
8.5
Vulnerability type
CWE-732
Incorrect Permission Assignment for Critical Resource
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026