CVE Catalog

CVE-2026-36175

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

A vulnerability in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access by interrupting the boot sequence and injecting a crafted string into kernel boot arguments.

Risk Assessment

An attacker with physical access can gain full control over the device, compromising confidentiality, integrity, and availability.

Recommendation

Immediately update the firmware to a patched version and implement physical security measures to prevent unauthorized access to the boot interface.

Original NVD description (English source)

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS