
IP KVM Vulnerabilities Expose Remote Access Risks

Ars Technica

Security researchers have disclosed critical vulnerabilities in IP KVM devices from four manufacturers, exposing remote management systems to potential compromise. The vulnerabilities range from firmware authentication bypasses to command injection flaws, with the most severe affecting Angeet/Yeeso ES3 KVM devices that remain unpatched.

Affected products include GL-iNet's Comet RM-1, which has multiple vulnerabilities that are being addressed through firmware updates, and Sipeed's NanoKVM, for which patches have already been released. JetKVM also addressed several flaws in its latest software versions. The Angeet/Yeeso devices present the greatest risk, with an unauthenticated file access vulnerability and a command injection vulnerability carrying CVSS scores of 9.8 and 8.8 respectively.

HD Moore's recent internet scan found over 1,300 exposed IP KVM devices, up from 1,000 last June. Security experts warn that compromised KVM access can bypass existing network protections, similar to risks posed by baseboard management controllers. Both runZero and Eclypsium recommend network scanning, strong passwords, and VPN usage to mitigate these threats.