Summary
Successful exploitation of this vulnerability could allow an unauthenticated attacker to create or delete administrator accounts, granting full administrative control.
The following versions of KiloView Encoder Series are affected:
- Encoder Series E1 hardware Version 1.4 4.7.2516 (CVE-2026-1453)
- Encoder Series E1 hardware Version 1.6.20 4.7.2511|4.8.2523|4.8.2611|4.6.2400|4.7.2512|4.8.2561|4.8.2554|4.3.2029|4.8.2555|4.6.2408 (CVE-2026-1453)
- Encoder Series E1-s hardware Version 1.4 4.7.2516|4.8.2519|4.8.2525|4.8.2611|4.8.2561|4.8.2554|4.8.2523 (CVE-2026-1453)
- Encoder Series E2 hardware Version 1.7.20 4.8.2611|4.8.2561 (CVE-2026-1453)
- Encoder Series E2 hardware Version 1.8.20 4.8.2523|4.8.2611|4.8.2554 (CVE-2026-1453)
- Encoder Series G1 hardware Version 1.6.20 4.8.2561 (CVE-2026-1453)
- Encoder Series P1 hardware Version 1.3.20 4.8.2633|4.8.2608 (CVE-2026-1453)
- Encoder Series P2 hardware Version 1.8.20 4.8.2633 (CVE-2026-1453)
- Encoder Series RE1 hardware Version 2.0.00 4.7.2513 (CVE-2026-1453)
- Encoder Series RE1 hardware Version 3.0.00 4.8.2519|4.8.2561|4.8.2611|4.8.2525 (CVE-2026-1453)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 9.8 | KiloView | KiloView Encoder Series | Missing Authentication for Critical Function |
Background
- Critical Infrastructure Sectors: Communications, Information Technology
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: China
Vulnerabilities
CVE-2026-1453
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacke
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from All CISA Advisories
Read the original article: