Low-cost IP-KVM flaws could give attackers BIOS-level control over enterprise systems
Security researchers at Eclypsium say nine vulnerabilities in four low-cost IP-KVM products could let attackers seize control of connected machines below the operating system layer, with access that reaches BIOS-level functions such as remote keyboard input, boot control, and virtual media mounting. That matters because IP-KVM devices sit outside the normal host security stack, so compromise can bypass many OS-level controls and EDR tooling.
The affected devices include the GL-iNet Comet RM-1, Angeet or Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. Eclypsium says the issues span broken access controls, weak or missing firmware verification, exposed debug access, and poor brute-force protections.
This is not just a lab concern. Microsoft said in a June 30, 2025 threat report that North Korean remote IT workers have used IP-based KVM devices such as PiKVM or TinyPilot to access employer-issued corporate laptops remotely. Eclypsium also cites recent FBI interest in KVM-device risks and says internet exposure of these low-cost devices grew from 404 in June 2025 to 1,611 by January 2026.
Why IP-KVM compromise is so serious
Compromising an IP-KVM can give an attacker the equivalent of physical access to every connected machine. Eclypsium says that can enable keystroke injection, booting from virtual removable media, entering BIOS or UEFI setup, bypassing lock screens, and potentially interfering with Secure Boot or disk-encryption protections depending on the target system’s configuration.
That makes the attack path especially dangerous in enterprise settings. A low-cost device that may look like a convenience tool for remote support can become a stealthy pivot point into servers, workstations, or admin laptops, while staying largely invisible to software running on the host itself.
The most severe findings
Eclypsium says the most dangerous chain affects the Angeet or Yeeso ES3 KVM. CVE-2026-32297 is an unauthenticated file-upload flaw rated 9.8 CVSS, and CVE-2026-32298 is an OS command-injection flaw rated 8.8. The researchers say an attacker with network access to port 8888 can chain them into pre-authentication remote code execution with root privileges. Eclypsium says the vendor committed to fixing the issues but had not provided a timeline when the report was published.
The GL-iNet Comet RM-1 had four disclosed issues, including insufficient firmware authenticity verification, exposed UART root access, weak brute-force protections, and insecure initial provisioning through an unauthenticated cloud connection. Eclypsium says some of those issues were fixed in v1.8.1-BETA, while other fixes were still being planned.
Sipeed’s NanoKVM had one disclosed flaw, CVE-2026-32296, involving an exposed Wi-Fi configuration endpoint. Eclypsium says that bug could support deauthentication attacks, memory-exhaustion denial-of-service, or network hijacking. The firm says Sipeed fully patched it in NanoKVM 2.3.6 and NanoKVM Pro 1.2.14.
JetKVM had two issues: CVE-2026-32294, which involved insufficient update verification, and CVE-2026-32295, which involved insufficient rate limiting on authentication attempts. Eclypsium says JetKVM fixed both in version 0.5.4 and specifically praised the vendor for implementing a fix for update verification.
Vulnerability snapshot
| Vendor | Product | CVE | Issue | Patch status |
|---|---|---|---|---|
| GL-iNet | Comet RM-1 | CVE-2026-32290 | Insufficient firmware authenticity verification | Fix being planned |
| GL-iNet | Comet RM-1 | CVE-2026-32291 | UART root access | Fix being planned |
| GL-iNet | Comet RM-1 | CVE-2026-32292 | Insufficient brute-force protection | Fixed in v1.8.1-BETA |
| GL-iNet | Comet RM-1 | CVE-2026-32293 | Insecure initial provisioning | Fixed in v1.8.1-BETA |
| Angeet / Yeeso | ES3 KVM | CVE-2026-32297 | Unauthenticated file upload | Vendor committed to fix, no timeline |
| Angeet / Yeeso | ES3 KVM | CVE-2026-32298 | OS command injection | Vendor committed to fix, no timeline |
| Sipeed | NanoKVM | CVE-2026-32296 | Configuration endpoint exposure | Fixed in NanoKVM 2.3.6 / Pro 1.2.14 |
| JetKVM | JetKVM | CVE-2026-32294 | Insufficient update verification | Fixed in v0.5.4 |
| JetKVM | JetKVM | CVE-2026-32295 | Insufficient rate limiting | Fixed in v0.5.4 |
Source: Eclypsium research published March 17, 2026.
What defenders should do now
Eclypsium says organizations should treat IP-KVM devices as critical infrastructure, not simple accessories. The firm recommends isolating them on dedicated management VLANs, keeping them off the public internet, gating access behind strong authentication and VPN controls, inventorying unmanaged KVM deployments, monitoring for unusual outbound traffic, and applying firmware updates as vendors release them.
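The recommendations above (inventory, management-VLAN isolation, no internet exposure, gated access, firmware currency) can be turned into a repeatable check. The script below is an added illustration, not Eclypsium's or any vendor's code: it scores a constructed KVM inventory against those controls and against the patched firmware versions listed in the table. The VLAN name `oob-mgmt`, the device records, and the version strings are assumptions made up for the example.

```python
import re
from dataclasses import dataclass

# Minimum patched firmware per product, taken from the vulnerability table above.
PATCHED_FIRMWARE = {
    "JetKVM": "0.5.4",
    "NanoKVM": "2.3.6",
    "NanoKVM Pro": "1.2.14",
    "Comet RM-1": "1.8.1-BETA",
}
# Products where even current firmware leaves disclosed CVEs open (per the table).
RESIDUAL_RISK = {
    "Comet RM-1": "CVE-2026-32290 and CVE-2026-32291 fixes still planned",
    "ES3 KVM": "no vendor fix available for CVE-2026-32297 / CVE-2026-32298",
}
# Hypothetical: VLAN names this organisation reserves for out-of-band management.
MANAGEMENT_VLANS = {"oob-mgmt"}


def parse_version(text: str) -> tuple:
    """Turn 'v1.8.1-BETA' or '0.5.4' into a comparable tuple (1, 8, 1) / (0, 5, 4)."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


@dataclass
class KvmDevice:
    name: str
    product: str
    firmware: str
    vlan: str
    internet_reachable: bool  # True if the web UI answers from a public address
    behind_vpn_or_mfa: bool   # True if access is gated by VPN or strong authentication


def assess(dev: KvmDevice) -> list:
    """Return policy findings for one device; an empty list means compliant."""
    findings = []
    if dev.internet_reachable:
        findings.append("exposed to the internet")
    if dev.vlan not in MANAGEMENT_VLANS:
        findings.append(f"not on a management VLAN (on {dev.vlan})")
    if not dev.behind_vpn_or_mfa:
        findings.append("access not gated by VPN or strong authentication")
    fixed = PATCHED_FIRMWARE.get(dev.product)
    if fixed is None:
        findings.append("no patched firmware published for this product")
    elif parse_version(dev.firmware) < parse_version(fixed):
        findings.append(f"firmware {dev.firmware} older than patched {fixed}")
    if dev.product in RESIDUAL_RISK:
        findings.append(RESIDUAL_RISK[dev.product])
    return findings


def assess_inventory(devices) -> dict:
    """Map each device name to its list of findings."""
    return {d.name: assess(d) for d in devices}


# Constructed sample inventory; none of these are real hosts.
SAMPLE_INVENTORY = [
    KvmDevice("rack1-kvm", "JetKVM", "v0.5.4", "oob-mgmt", False, True),
    KvmDevice("lab-kvm", "NanoKVM", "2.3.1", "office-lan", True, False),
    KvmDevice("branch-kvm", "ES3 KVM", "1.0.0", "oob-mgmt", False, True),
]

if __name__ == "__main__":
    for name, findings in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{name}: {'OK' if not findings else '; '.join(findings)}")
```

The version comparison deliberately ignores suffixes such as `-BETA`, so a device on a pre-release build that carries the fix is not flagged as outdated; the residual-risk table is what keeps the Comet RM-1 and ES3 KVM visible in reports until the remaining fixes ship.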
Microsoft’s North Korea report adds another reason to act fast. If threat actors already use IP-based KVM devices for remote physical control of enterprise laptops, then poorly secured low-cost KVMs create a direct opportunity for stealthy persistence and lateral movement in real business environments, not just homelabs.
FAQ
What is an IP-KVM?
It is a device that provides remote keyboard, video, and mouse control over a connected system, often including BIOS-level access before the operating system loads.
Why is a compromised IP-KVM so dangerous?
Because a compromised IP-KVM can operate below the host OS and may let an attacker inject input, change boot behavior, or mount virtual media without relying on host-level malware.
Which device had the most severe findings?
Eclypsium says the Angeet or Yeeso ES3 KVM had the most severe chain, with unauthenticated file upload plus command injection enabling pre-auth remote code execution as root.
Is internet exposure of these devices growing?
Yes. Eclypsium says exposure of these low-cost devices grew from 404 in June 2025 to 1,611 by January 2026.
Have the vendors released fixes?
Yes. Eclypsium says JetKVM fixed its issues in v0.5.4, Sipeed fixed its issue in NanoKVM 2.3.6 and Pro 1.2.14, and GL-iNet fixed some issues in v1.8.1-BETA.