
Researchers have found nine vulnerabilities in four popular low-cost KVM-over-IP devices, ranging from unauthenticated command injection to weak authentication defenses and insecure firmware updates. The flaws are particularly concerning given the growing presence of such devices in business environments, whether deployed intentionally by IT administrators and managed service providers or introduced as shadow IT.
KVM-over-IP devices enable users to control computers remotely as if they were physically present, with full keyboard, video, and mouse access, including at the BIOS level when the OS is not running. Enterprises have long relied on rack-mounted multi-port KVM switches that include security features such as multi-factor authentication, encryption, and logging but cost hundreds or thousands of dollars.
In recent years, smaller businesses and IT teams operating on tight budgets have increasingly turned to a new class of compact, Linux-based, single-port KVM devices that offer the same access at a fraction of the cost. However, the quality of their firmware and access controls is not nearly as strong.
