Description
A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.
Published: 2026-05-27
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A local attacker can exploit a flaw in the cfgparser by inserting a specially crafted file onto a USB stick. When the device reads the file, the parser's confusion attack leads to execution of arbitrary code, enabling total loss of confidentiality, integrity and availability. The weakness is identified as CWE‑1287 because the system fails to validate or sanitize input taken from removable media.

Affected Systems

Vendors affected include Helmholz and MB Connect Line. Helmholz REX100 devices running firmware 3.0.2 and REX200/250 devices running firmware 8.4.4 are vulnerable. MB Connect Line devices, specifically mbNET.mini running 3.0.2 and mbNET/mbNET.rokey running 8.4.4, are also impacted.

Risk and Exploitability

The CVSS score of 8.4 classifies this as a high‑severity vulnerability. EPSS data is not available, and the issue is not yet listed in CISA KEV, but the attack vector is local, requiring physical access to the device via USB. If exploited, the attacker can gain complete control over the affected device, leading to a full compromise of the system.

Generated by OpenCVE AI on May 27, 2026 at 10:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update or patch released by Helmholz for REX100 and REX200/250 devices that addresses the cfgparser flaw.
  • Apply the latest firmware update or patch released by MB Connect Line for mbNET.mini and mbNET/mbNET.rokey devices to prevent ambiguity in configuration parsing.
  • Disable or restrict USB storage on all affected devices so that the system cannot read configuration files from external media, thereby eliminating the local attack surface.

Generated by OpenCVE AI on May 27, 2026 at 10:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 27 May 2026 09:00:00 +0000

Type Values Removed Values Added
Description A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.
Title Command injection via USB
First Time appeared Helmholz
Helmholz rex100
Helmholz rex200 250
Mb Connect Line
Mb Connect Line mbnet
Mb Connect Line mbnet.mini
Mb Connect Line mbnet Mbnet.rokey
Weaknesses CWE-1287
CPEs cpe:2.3:a:helmholz:rex100:*:*:*:*:*:*:*:*
cpe:2.3:a:helmholz:rex200_250:*:*:*:*:*:*:*:*
cpe:2.3:a:mb_connect_line:mbnet.mini:*:*:*:*:*:*:*:*
cpe:2.3:a:mb_connect_line:mbnet_mbnet.rokey:*:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex100:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex200_250:8.4.4:*:*:*:*:*:*:*
cpe:2.3:o:mb_connect_line:mbnet.mini:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:mb_connect_line:mbnet:8.4.4:*:*:*:*:*:*:*
Vendors & Products Helmholz
Helmholz rex100
Helmholz rex200 250
Mb Connect Line
Mb Connect Line mbnet
Mb Connect Line mbnet.mini
Mb Connect Line mbnet Mbnet.rokey
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Helmholz Rex100 Rex200 250
Mb Connect Line Mbnet Mbnet.mini Mbnet Mbnet.rokey
cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-05-27T11:54:33.819Z

Reserved: 2026-04-15T09:33:02.614Z

Link: CVE-2026-40851

cve-icon Vulnrichment

Updated: 2026-05-27T11:54:26.453Z

cve-icon NVD

Status : Deferred

Published: 2026-05-27T09:16:31.687

Modified: 2026-05-27T14:53:22.863

Link: CVE-2026-40851

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T10:45:32Z

Weaknesses