CVE 8.5 HIGH

Glory RBG-100 Recycler System Local Privilege Escalation via Insecure File Permissions_CVE-2026-23648

February 17, 2026 invoker category_cve

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation.

AI Analysis

Local privilege escalation vulnerability due to insecure file permissions in Glory RBG-100 recycler systems

Basic Information

ID CVE-2026-23648

Source VulnCheck

Published Feb 17, 2026 at 16:30

Affected Product

Vendor Glory Global Solutions

Product RBG-100

Affected Versions Glory Global Solutions RBG-100 0

CWE Classification

CWE-732

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Glory Global Solutions

Product RBG-100

References

{
    "lastseen": "",
    "description": "Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation.",
    "published": "2026-02-17T16:30:33.668Z",
    "modified": "2026-02-17T16:30:33.668Z",
    "type": "cve",
    "title": "Glory RBG-100 Recycler System Local Privilege Escalation via Insecure File Permissions",
    "source": "VulnCheck",
    "references": "https://www.glory-global.com/\nhttps://www.vulncheck.com/advisories/glory-rbg-100-recycler-system-local-privilege-escalation-via-insecure-file-permissions",
    "id": "CVE-2026-23648",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "Glory Global Solutions RBG-100 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RBG-100",
    "version": "0",
    "vendor": "Glory Global Solutions",
    "ai_description": "Local privilege escalation vulnerability due to insecure file permissions in Glory RBG-100 recycler systems",
    "ai_severity": "High",
    "ai_vendor": "Glory Global Solutions",
    "ai_product": "RBG-100",
    "ai_version": "0",
    "ai_score": 8.5
}

💭 Join the Security Discussion ❌ Cancel Reply