CVE-2026-30495: n/a
The Optoma CinemaX P2 projector running firmware TVOS-04. 24. 010. 04. 01 (Android 8. 0. 0) exposes the Android Debug Bridge (ADB) service on TCP port 5555 without requiring authentication. The device disables RSA key verification for ADB connections and includes a su binary that grants root privileges without authentication. An attacker on the same network can connect to the device via ADB, obtain a shell, escalate to root, and gain full control. This enables extraction of WiFi credentials, installation of persistent malware, and access to all device data.
AI Analysis
Technical Summary
This vulnerability affects the Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01 based on Android 8.0.0. The device exposes ADB on TCP port 5555 without authentication due to the configuration ro.adb.secure=0, which disables RSA key verification. Additionally, a su binary located at /system/xbin/su allows privilege escalation to root without authentication. An attacker on the local network can exploit these weaknesses to gain root shell access, compromising device confidentiality and integrity by extracting stored WiFi credentials, installing malware, and accessing all device data.
Potential Impact
An attacker with network access to the device can gain unauthenticated root shell access via ADB. This leads to complete compromise of the device, including extraction of sensitive WiFi credentials, installation of persistent malware, and full access to all stored data. The vulnerability undermines device security and privacy, potentially enabling further network attacks or persistent footholds.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the device to trusted users only and disable ADB over the network if possible. Monitor for any vendor updates addressing this vulnerability.
CVE-2026-30495: n/a
Description
The Optoma CinemaX P2 projector running firmware TVOS-04. 24. 010. 04. 01 (Android 8. 0. 0) exposes the Android Debug Bridge (ADB) service on TCP port 5555 without requiring authentication. The device disables RSA key verification for ADB connections and includes a su binary that grants root privileges without authentication. An attacker on the same network can connect to the device via ADB, obtain a shell, escalate to root, and gain full control. This enables extraction of WiFi credentials, installation of persistent malware, and access to all device data.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects the Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01 based on Android 8.0.0. The device exposes ADB on TCP port 5555 without authentication due to the configuration ro.adb.secure=0, which disables RSA key verification. Additionally, a su binary located at /system/xbin/su allows privilege escalation to root without authentication. An attacker on the local network can exploit these weaknesses to gain root shell access, compromising device confidentiality and integrity by extracting stored WiFi credentials, installing malware, and accessing all device data.
Potential Impact
An attacker with network access to the device can gain unauthenticated root shell access via ADB. This leads to complete compromise of the device, including extraction of sensitive WiFi credentials, installation of persistent malware, and full access to all stored data. The vulnerability undermines device security and privacy, potentially enabling further network attacks or persistent footholds.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the device to trusted users only and disable ADB over the network if possible. Monitor for any vendor updates addressing this vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-03-04T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fd3ebfcbff5d86106d049d
Added to database: 5/8/2026, 1:39:11 AM
Last enriched: 5/8/2026, 1:39:35 AM
Last updated: 5/8/2026, 7:30:18 PM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.