9 serious flaws in IP KVM let anyone get root access without having to log in across four vendors.

Cybersecurity experts have warned about the dangers of cheap IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can give hackers a lot of power over hacked hosts This article explores attacker compromises kvm. . Eclypsium found nine security holes in four different GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM products.

The worst ones let people who aren't authorized get root access or run harmful code. In an analysis, researchers Paul Asadoorian and Reynaldo Vasquez Garcia said, "The common themes are damning: missing firmware signature validation, no brute-force protection, broken access controls, and exposed debug interfaces."

IP KVM devices let you access the target machine's keyboard, video output, and mouse input from a distance at the BIOS/UEFI level. If someone successfully exploits a flaw in one of these products, they could take over the system, which would break the security controls that are already in place. "An attacker who compromises the KVM can hide tools and backdoors on the device itself, consistently re-infecting host systems even after remediation."

"Since some firmware updates lack signature verification on most of these devices, a supply-chain attacker could tamper with the firmware at distribution time and have it persist indefinitely."