Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for Encoder Series E1 hardware Version 1.4 by KiloView
CVE-2026-1453 (GCVE-0-2026-1453)
Vulnerability from nvd – Published: 2026-01-29 19:02 – Updated: 2026-01-29 20:28
VLAI?
Title
Missing Authentication for Critical Function in KiloView Encoder Series
Summary
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| KiloView | Encoder Series E1 hardware Version 1.4 |
Affected:
4.7.2516
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:28:37.966375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:28:55.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2511"
},
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.6.2400"
},
{
"status": "affected",
"version": "4.7.2512"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.3.2029"
},
{
"status": "affected",
"version": "4.8.2555"
},
{
"status": "affected",
"version": "4.6.2408"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1-s hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
},
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2525"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.8.2523"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.7.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2554"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series G1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P1 hardware Version 1.3.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
},
{
"status": "affected",
"version": "4.8.2608"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 2.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2513"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 3.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2525"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Ammar (0xam225) reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e"
}
],
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CNA",
"version": "2.0.3"
},
"type": "ssvc"
},
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T19:02:26.431Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication for Critical Function in KiloView Encoder Series",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation.\n\n\u003cbr\u003e"
}
],
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1453",
"datePublished": "2026-01-29T19:02:26.431Z",
"dateReserved": "2026-01-26T19:48:46.732Z",
"dateUpdated": "2026-01-29T20:28:55.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1453 (GCVE-0-2026-1453)
Vulnerability from cvelistv5 – Published: 2026-01-29 19:02 – Updated: 2026-01-29 20:28
VLAI?
Title
Missing Authentication for Critical Function in KiloView Encoder Series
Summary
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| KiloView | Encoder Series E1 hardware Version 1.4 |
Affected:
4.7.2516
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:28:37.966375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:28:55.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2511"
},
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.6.2400"
},
{
"status": "affected",
"version": "4.7.2512"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.3.2029"
},
{
"status": "affected",
"version": "4.8.2555"
},
{
"status": "affected",
"version": "4.6.2408"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1-s hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
},
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2525"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.8.2523"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.7.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2554"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series G1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P1 hardware Version 1.3.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
},
{
"status": "affected",
"version": "4.8.2608"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 2.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2513"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 3.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2525"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Ammar (0xam225) reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e"
}
],
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CNA",
"version": "2.0.3"
},
"type": "ssvc"
},
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T19:02:26.431Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication for Critical Function in KiloView Encoder Series",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation.\n\n\u003cbr\u003e"
}
],
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1453",
"datePublished": "2026-01-29T19:02:26.431Z",
"dateReserved": "2026-01-26T19:48:46.732Z",
"dateUpdated": "2026-01-29T20:28:55.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}