CVE-2026-23648
Received Received - Intake
Local Privilege Escalation via Writable Binaries in Glory RBG

Publication date: 2026-02-17

Last updated on: 2026-02-17

Assigner: VulnCheck

Description
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-17
Last Modified
2026-02-17
Generated
2026-06-16
AI Q&A
2026-02-17
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23648
EUVD
EUVD-2026-7910
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
glory rbg-100_recycler_system *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-23648 affects the Glory RBG-100 Recycler System, specifically the ISPK-08 software component. The vulnerability is due to multiple system binaries having overly permissive file permissions. Several binaries that run with root privileges are writable and executable by unprivileged local users.

This improper permission setting allows a local attacker who has access to the system to replace or modify these binaries. By doing so, the attacker can execute arbitrary commands with root privileges, leading to local privilege escalation.

Impact Analysis

This vulnerability can have a significant impact because it allows an attacker with local access to escalate their privileges to root level. This means the attacker can execute any command on the system with the highest level of permissions.

  • Unauthorized modification or replacement of critical system binaries.
  • Execution of arbitrary commands with root privileges.
  • Potential full system compromise due to elevated privileges.
Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking the file permissions of system binaries executed by the root user on the Glory RBG-100 recycler system. Specifically, you should look for binaries that are writable and executable by unprivileged local users, which indicates overly permissive file permissions.'}, {'type': 'paragraph', 'content': "Commands to detect such insecure permissions include using 'ls -l' to list permissions of relevant binaries and 'find' to locate files with writable permissions for non-root users. For example:"}, {'type': 'list_item', 'content': 'ls -l /path/to/binaries'}, {'type': 'list_item', 'content': 'find /path/to/binaries -perm /022 -type f -exec ls -l {} \\;'}, {'type': 'paragraph', 'content': 'These commands help identify binaries that are writable by group or others, which should not be the case for root-executed binaries.'}] [1]

Mitigation Strategies

Immediate mitigation steps involve correcting the file permissions of the affected system binaries to remove write and execute permissions from unprivileged users. This prevents local attackers from modifying or replacing these binaries.

Specifically, you should:

  • Identify all affected binaries with overly permissive permissions.
  • Use chmod to set appropriate permissions, for example: chmod 755 or more restrictive, ensuring only root can write to these binaries.
  • Restrict local user access to these binaries where possible.

Additionally, monitor for any unauthorized changes to these binaries and apply vendor patches or updates once available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23648. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart