CVE-2026-23648

HIGH 7.8

Glory RBG-100 Recycler System Local Privilege Escalation via Insecure File Permissions

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation.

CWE	CWE-732
Vendor	glory global solutions
Product	rbg-100
Published	Feb 17, 2026
Last Updated	Feb 18, 2026

Stay Ahead of the Next One

Get instant alerts for glory global solutions rbg-100

Be the first to know when new high vulnerabilities affecting glory global solutions rbg-100 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Glory Global Solutions / RBG-100

References

NVD ↗ CVE.org ↗ EPSS Data ↗

glory-global.com: https://www.glory-global.com/ vulncheck.com: https://www.vulncheck.com/advisories/glory-rbg-100-recycler-system-local-privilege-escalation-via-insecure-file-permissions

Credits

Victor A. Morales, Senior Pentester Team Leader, GM Sectec, Corp. Omar Crespo, Pentester, GM Sectec, Corp. VulnCheck