CVE-2026-23647
Glory · RBG-100 (ISPK-08 software)
Glory RBG-100 recycler systems use hardcoded OS credentials in the ISPK-08 software, allowing unauthenticated remote access and full system compromise via SSH.
Executive summary
Glory RBG-100 recycler systems are critically vulnerable to remote takeover due to the inclusion of hardcoded administrative credentials in the underlying Linux operating system.
Vulnerability
The ISPK-08 software component contains multiple local user accounts with fixed, embedded passwords. An unauthenticated attacker with network access can use these credentials to authenticate via services like SSH and gain administrative control over the Linux system.
Business impact
The compromise of a currency recycler system poses significant financial and operational risks. The CVSS score of 9.8 reflects the ease with which an attacker can gain elevated privileges, potentially leading to the manipulation of financial hardware or the theft of sensitive data.
Remediation
Immediate Action: Update the RBG-100 ISPK-08 software to the latest version and change all default or hardcoded credentials if the patch allows.
Proactive Monitoring: Monitor for unauthorized SSH connection attempts to recycler hardware and audit system logs for logins using known default account names.
Compensating Controls: Block SSH access to these devices from the general network and ensure they are placed behind a strict firewall or on an isolated segment.
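An added example for the Proactive Monitoring item (not from the advisory or the vendor): a Python triage of OpenSSH auth log lines that flags SSH attempts from outside a management subnet and any login using a watched account name. The account names, subnet, hostname and log lines are constructed placeholders, because the advisory does not list the affected account names.

```python
import ipaddress
import re

# Assumptions (not from the advisory): placeholder account names and a
# constructed management subnet. Substitute the vendor's list and your own.
WATCHED_ACCOUNTS = {"placeholder_acct_a", "placeholder_acct_b"}
MGMT_NETS = [ipaddress.ip_network("192.0.2.0/28")]

# OpenSSH: "Accepted|Failed <method> for [invalid user ]<user> from <ip> port <n>"
SSHD_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) (?P<method>\S+) for "
    r"(?P<invalid>invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log lines (documentation address ranges only).
SAMPLE_LOG = """\
Jan 12 03:14:07 rbg100 sshd[811]: Accepted password for placeholder_acct_a from 203.0.113.45 port 50122 ssh2
Jan 12 03:15:10 rbg100 sshd[812]: Failed password for invalid user admin from 198.51.100.7 port 40100 ssh2
Jan 12 08:00:01 rbg100 sshd[901]: Accepted publickey for opsuser from 192.0.2.5 port 51000 ssh2
Jan 12 08:02:44 rbg100 sshd[915]: Failed password for placeholder_acct_b from 192.0.2.9 port 51044 ssh2
Jan 12 08:03:00 rbg100 CRON[950]: pam_unix(cron:session): session opened for user root
"""

def triage(log_text):
    """Return one alert dict per sshd auth event that needs review."""
    alerts = []
    for line in log_text.splitlines():
        m = SSHD_RE.search(line)
        if not m:
            continue
        try:
            outside = not any(ipaddress.ip_address(m["ip"]) in n for n in MGMT_NETS)
        except ValueError:
            outside = True  # unparsable source address: treat as untrusted
        watched = m["user"] in WATCHED_ACCOUNTS
        accepted = m["result"] == "Accepted"
        if not (outside or watched):
            continue  # expected management traffic on a non-watched account
        if accepted and watched:
            severity = "critical"  # successful login with a watched account
        elif accepted or watched:
            severity = "high"
        else:
            severity = "medium"  # failed attempt from outside the allowlist
        alerts.append({"severity": severity, "user": m["user"], "src": m["ip"],
                       "result": m["result"], "method": m["method"]})
    return alerts

if __name__ == "__main__":
    print(*triage(SAMPLE_LOG), sep="\n")
```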
Exploitation status
Public Exploit Available: false
Analyst recommendation
Hardcoded credentials in industrial and financial hardware are highly attractive targets for attackers. It is vital to apply the manufacturer's updates immediately and restrict network access to these devices to mitigate the risk of remote authentication with the embedded credentials.