Researchers disclose vulnerabilities in IP KVMs from four manufacturers

Researchers have identified vulnerabilities in IP KVMs, low-cost devices used for remote machine access, which can pose significant risks if exploited by insiders or hackers. These devices, priced between $30 to $100, provide access at the BIOS/UEFI level, potentially compromising network security. Security firm Eclypsium disclosed nine vulnerabilities in IP KVMs from four manufacturers, with the most severe flaws allowing unauthorized access and execution of malicious code. These vulnerabilities highlight the importance of implementing basic security controls in networked devices to prevent unauthorized access and potential breaches.