CVE-2026-23648

Name of the Vulnerable Software and Affected Versions Glory RBG-100 recycler systems versions using the ISPK-08 software component (affected versions not specified)

Description The Glory RBG-100 recycler systems, utilizing the ISPK-08 software component, have system binaries with excessively open file permissions. Specifically, several binaries that run with root privileges are writable and executable by local users without elevated permissions. This allows a local attacker to replace or modify these binaries, leading to the execution of arbitrary commands with root privileges and enabling local privilege escalation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.