9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

"The common themes are damning: missing firmware signature validation, no brute-force protection, broken access controls, and exposed debug interfaces. With IP KVM devices enabling remote access to the target machine's keyboard, video output, and mouse input at the BIOS/UEFI level, successful exploitation of vulnerabilities in these products can expose systems to potential takeover risks, undermining security controls put in place."
"Nine vulnerabilities discovered by Eclypsium span four different products from GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. The most severe of them allow unauthenticated actors to gain root access or run malicious code."
Eclypsium researchers identified nine vulnerabilities across four IP KVM products: the GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. These devices enable remote access to keyboard, video, and mouse input at the BIOS/UEFI level, making them critical infrastructure components. The vulnerabilities share common security flaws, including missing firmware signature validation, absent brute-force protection, broken access controls, and exposed debug interfaces. The most severe vulnerabilities allow unauthenticated actors to execute malicious code and gain root access, potentially enabling complete system takeover and undermining existing security controls. Several vendors have released patches addressing specific issues.
Read at The Hacker News