PatchSiren cyber security CVE debrief
CVE-2026-36176 GNCC CVE debrief
CVE-2026-36176 is a HIGH-severity vulnerability in GNCC GP5 v7.1.76. The device writes pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console, so a physically proximate attacker who monitors the serial UART interface can extract them and perform unauthorized operations.
- Vendor: GNCC
- Product: GP5
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-04
- Original CVE updated: 2026-06-04
- Advisory published: 2026-06-04
- Advisory updated: 2026-06-04
Who should care
Administrators and users of GNCC GP5 v7.1.76, especially those concerned with physical security and data integrity.
Technical summary
GNCC GP5 v7.1.76 writes pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. A physically proximate attacker who monitors the serial UART interface can extract these still-active tokens and use them to perform unauthorized operations.
Defensive priority
HIGH
Recommended defensive actions
- Restrict physical access to the serial console.
- Implement secure storage and handling of pre-signed Backblaze B2 upload URLs.
- Monitor for and respond to potential unauthorized access attempts.
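One way to act on the second recommendation, as an added example that is not GNCC firmware code or part of the original advisory: a hypothetical C helper, `redact_urls`, that strips the query string from every URL before a log line reaches the UART. It assumes the pre-signed URL carries its signature in the query string, as S3-style pre-signed URLs do; the sample line, hostname and parameter values are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (added example, not GNCC firmware code). */
static int is_url_end(char c) {
    return c == '\0' || c == ' ' || c == '\t' || c == '\r' ||
           c == '\n' || c == '"' || c == '\'' || c == '>';
}

/* Copy a log line into out, replacing the query string (and anything after
 * it) of each http:// or https:// URL with "?<redacted>". Assumes the signed
 * material is in the query string. Returns the number of URLs redacted, or
 * -1 with out emptied if out is too small, so the caller logs nothing. */
int redact_urls(const char *in, char *out, size_t outsz) {
    static const char mark[] = "?<redacted>";
    const size_t mlen = sizeof mark - 1;
    size_t o = 0;
    int in_url = 0, count = 0;

    if (outsz == 0) return -1;
    while (*in) {
        if (!in_url && (!strncmp(in, "http://", 7) || !strncmp(in, "https://", 8)))
            in_url = 1;
        else if (in_url && is_url_end(*in))
            in_url = 0;
        if (in_url && *in == '?') {
            if (o + mlen >= outsz) { out[0] = '\0'; return -1; }
            memcpy(out + o, mark, mlen);
            o += mlen;
            while (!is_url_end(*in)) in++;   /* drop the signed query */
            in_url = 0;
            count++;
            continue;
        }
        if (o + 1 >= outsz) { out[0] = '\0'; return -1; }
        out[o++] = *in++;
    }
    out[o] = '\0';
    return count;
}

int main(void) {
    /* Constructed sample line; host, path and parameters are placeholders. */
    const char *line = "PUT https://b2.example.invalid/cam/clip.mp4"
                       "?X-Amz-Signature=PLACEHOLDER&X-Amz-Expires=3600 rc=0";
    char safe[128];
    if (redact_urls(line, safe, sizeof safe) >= 0) puts(safe);
    return 0;
}
```

The helper fails closed: when the output buffer is too small it empties the buffer and returns -1 instead of emitting a truncated line that could still contain part of a signature.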
Evidence notes
The vulnerability was discovered in GNCC GP5 v7.1.76.
Official resources
CVE-2026-36176 was published on 2026-06-04T15:16:51.410Z and modified on 2026-06-04T17:16:32.373Z.