Search criteria
2 vulnerabilities found for Encoder Series RE1 hardware Version 3.0.00 by KiloView
CVE-2026-1453 (GCVE-0-2026-1453)
Vulnerability from nvd – Published: 2026-01-29 19:02 – Updated: 2026-01-29 20:28
VLAI?
Title
Missing Authentication for Critical Function in KiloView Encoder Series
Summary
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| KiloView | Encoder Series E1 hardware Version 1.4 |
Affected:
4.7.2516
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Muhammad Ammar (0xam225) reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:28:37.966375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:28:55.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2511"
},
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.6.2400"
},
{
"status": "affected",
"version": "4.7.2512"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.3.2029"
},
{
"status": "affected",
"version": "4.8.2555"
},
{
"status": "affected",
"version": "4.6.2408"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1-s hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
},
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2525"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.8.2523"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.7.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2554"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series G1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P1 hardware Version 1.3.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
},
{
"status": "affected",
"version": "4.8.2608"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 2.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2513"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 3.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2525"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Ammar (0xam225) reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e"
}
],
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CNA",
"version": "2.0.3"
},
"type": "ssvc"
},
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T19:02:26.431Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication for Critical Function in KiloView Encoder Series",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation.\n\n\u003cbr\u003e"
}
],
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1453",
"datePublished": "2026-01-29T19:02:26.431Z",
"dateReserved": "2026-01-26T19:48:46.732Z",
"dateUpdated": "2026-01-29T20:28:55.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1453 (GCVE-0-2026-1453)
Vulnerability from cvelistv5 – Published: 2026-01-29 19:02 – Updated: 2026-01-29 20:28
VLAI?
Title
Missing Authentication for Critical Function in KiloView Encoder Series
Summary
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| KiloView | Encoder Series E1 hardware Version 1.4 |
Affected:
4.7.2516
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Muhammad Ammar (0xam225) reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:28:37.966375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:28:55.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2511"
},
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.6.2400"
},
{
"status": "affected",
"version": "4.7.2512"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.3.2029"
},
{
"status": "affected",
"version": "4.8.2555"
},
{
"status": "affected",
"version": "4.6.2408"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E1-s hardware Version 1.4",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2516"
},
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2525"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2554"
},
{
"status": "affected",
"version": "4.8.2523"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.7.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series E2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2523"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2554"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series G1 hardware Version 1.6.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2561"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P1 hardware Version 1.3.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
},
{
"status": "affected",
"version": "4.8.2608"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series P2 hardware Version 1.8.20",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2633"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 2.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.7.2513"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Encoder Series RE1 hardware Version 3.0.00",
"vendor": "KiloView",
"versions": [
{
"status": "affected",
"version": "4.8.2519"
},
{
"status": "affected",
"version": "4.8.2561"
},
{
"status": "affected",
"version": "4.8.2611"
},
{
"status": "affected",
"version": "4.8.2525"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Ammar (0xam225) reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e"
}
],
"value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CNA",
"version": "2.0.3"
},
"type": "ssvc"
},
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T19:02:26.431Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication for Critical Function in KiloView Encoder Series",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation.\n\n\u003cbr\u003e"
}
],
"value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-1453",
"datePublished": "2026-01-29T19:02:26.431Z",
"dateReserved": "2026-01-26T19:48:46.732Z",
"dateUpdated": "2026-01-29T20:28:55.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}