CVE-2026-40851 PUBLISHED

Command injection via USB

Assigner: CERTVDE
Reserved: 15.04.2026 Published: 27.05.2026 Updated: 27.05.2026

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on a USB stick, leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 8.4

Product Status

Vendor: MB connect line
Product: mbNET/mbNET.rokey
Versions (default: unaffected):
  • affected from 0.0.0 to 8.4.4 (incl.)

Vendor: MB connect line
Product: mbNET.mini
Versions (default: unaffected):
  • affected from 0.0.0 to 3.0.2 (incl.)

Vendor: MB connect line
Product: mbNET/mbNET.rokey
Versions (default: unaffected):
  • Version 8.4.4 is affected

Vendor: MB connect line
Product: mbNET.mini
Versions (default: unaffected):
  • Version 3.0.2 is affected

Vendor: Helmholz
Product: REX200/250
Versions (default: unaffected):
  • affected from 0.0.0 to 8.4.4 (incl.)

Vendor: Helmholz
Product: REX100
Versions (default: unaffected):
  • affected from 0.0.0 to 3.0.2 (incl.)

Vendor: Helmholz
Product: REX200/250
Versions (default: unaffected):
  • Version 8.4.4 is affected

Vendor: Helmholz
Product: REX100
Versions (default: unaffected):
  • Version 3.0.2 is affected

Credits

  • Moritz Abrell from SySS GmbH (finder)
  • Christian Zäske from SySS GmbH (finder)

Problem Types

  • CWE-1287: Improper Validation of Specified Type of Input