Per The Hacker News, cybersecurity researchers have identified nine critical vulnerabilities in low-cost IP KVM devices that could allow attackers to gain extensive control over compromised hosts, posing a significant threat to network security.The vulnerabilities, discovered by Eclypsium across four different products including GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM, enable unauthenticated actors to achieve root access or execute malicious code. Common flaws include missing firmware signature validation, lack of brute-force protection, broken access controls, and exposed debug interfaces. Exploitation allows attackers to inject keystrokes, bypass security measures like Secure Boot, and gain BIOS/UEFI level access, effectively undermining existing security controls. The most severe flaw, CVE-2026-32297 with a CVSS score of 9.8, allows arbitrary code execution on Angeet ES3 KVM devices, with no fix currently available.These findings highlight a decade-old pattern of fundamental security control failures, now present in devices that offer physical access equivalence. The implications are severe, as a compromised KVM acts as a silent, persistent channel into multiple systems, capable of re-infecting hosts even after remediation. The lack of firmware signature verification also opens the door for supply-chain attacks. Recommended mitigations include isolating KVM devices on a separate VLAN, restricting internet access, enforcing multi-factor authentication where possible, and keeping firmware updated.Source: The Hacker News
Network Security, Vulnerability Management, Patch/Configuration Management
IP KVM device vulnerabilities pose significant network risks

An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



