Platform
android
Component
atom-3x-projector
Fixed in
Mar Tue 10 17:57:35 CST 2026
CVE-2026-5777 affects the Atom 3X Projector, stemming from an insecure configuration of the Android Debug Bridge (ADB) service. This flaw allows an attacker on the same local network to exploit the device and achieve root-level access, effectively taking complete control. The vulnerability impacts versions of the Atom 3X Projector released prior to Mar Tue 10 17:57:35 CST 2026. A fix has been released, resolving this critical security issue.
The impact of CVE-2026-5777 is severe. An attacker gaining root access can perform virtually any action on the device, including installing malicious software, stealing sensitive data (personal files, credentials, media), modifying system settings, and even using the projector as a pivot point to attack other devices on the network. This vulnerability is particularly concerning because it requires only network proximity and no authentication, making it easily exploitable in shared environments. The lack of access controls on the ADB service significantly expands the attack surface, allowing for remote code execution without any prior interaction with the device.
CVE-2026-5777 was publicly disclosed on 2026-04-10. The vulnerability's ease of exploitation and potential for complete device compromise suggest a medium probability of exploitation (EPSS score likely medium). Public proof-of-concept (PoC) code is anticipated given the vulnerability's nature and the lack of authentication. No confirmed exploitation campaigns have been reported at this time.
Exploit Status
EPSS
0.01% (2% percentile)
CISA SSVC
The primary mitigation for CVE-2026-5777 is to immediately upgrade the Atom 3X Projector to version Mar Tue 10 17:57:35 CST 2026 or later. If an immediate upgrade is not possible, consider segmenting the projector onto a separate, isolated network to limit potential damage. While a direct workaround is unavailable, disabling ADB access entirely (if functionality allows) could reduce the attack surface. Monitor network traffic for suspicious ADB connections originating from unauthorized devices. After upgrading, confirm the fix by attempting to connect to the ADB service from a remote machine; connection attempts should be rejected.
Update the Atom 3X projector firmware to the patched version (2026.03.10 or later) to disable the unauthenticated exposure of the ADB service on the local network. Verify the device's security configuration to ensure that only authorized devices can access the network. Consult the manufacturer's documentation for specific instructions on how to update the firmware.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5777 is a critical vulnerability in the Atom 3X Projector allowing unauthenticated attackers on the local network to gain root access due to improperly exposed ADB service.
You are affected if you are using an Atom 3X Projector version prior to Mar Tue 10 17:57:35 CST 2026.
Upgrade your Atom 3X Projector to version Mar Tue 10 17:57:35 CST 2026 or later to mitigate the vulnerability.
While no confirmed exploitation campaigns have been reported, the vulnerability's ease of exploitation suggests a potential for active exploitation.
Refer to the official Atom 3X Projector security advisory published on 2026-04-10 for detailed information and updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your build.gradle file and we'll tell you instantly if you're affected.