Vulnerabilities

CVE-2026-32294

by Fred · 17/03/2026

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification.

More information : https://eclypsium.com/blog/kvm-devices-the-keys-to-your-kingdom-are-hanging-on-the-network/

Similar

Tags: Cybersecurity Alert