CVE-2026-36175
MediumCVSS 6.8Exploitation Probability (EPSS)
Low risk10th percentile - higher than 10% of all known CVEs
Summary
A vulnerability in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access by interrupting the boot sequence and injecting a crafted string into kernel boot arguments.
Risk Assessment
An attacker with physical access can gain full control over the device, compromising confidentiality, integrity, and availability.
Recommendation
Immediately update the firmware to a patched version and implement physical security measures to prevent unauthorized access to the boot interface.
Original NVD description (English source)
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments.

