9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

2026-03-18

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

Eclypsium researchers disclosed nine vulnerabilities across four low-cost IP KVM devices that can grant unauthenticated root access and arbitrary code execution.

•CVE-2026-32297 (CVSS 9.8) affects Angeet ES3 KVM, allowing arbitrary code execution with no fix available; CVE-2026-32298 (CVSS 8.8) enables OS command injection on the same device.
•Common failure patterns include missing firmware signature validation, no brute-force protection, broken access controls, and exposed debug interfaces.
•Exploitation can allow keystroke injection, bypassing Secure Boot/disk encryption, circumventing lock screens, and persisting undetected below the OS level.
•Mitigations include enforcing MFA, isolating KVM devices on a dedicated management VLAN, restricting internet access, and keeping firmware updated.

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture