CVE-2026-1453 (GCVE-0-2026-1453)

Vulnerability from cvelistv5 – Published: 2026-01-29 19:02 – Updated: 2026-01-29 20:28
VLAI?
Title
Missing Authentication for Critical Function in KiloView Encoder Series
Summary
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.
Severity ?
9.3 (Critical)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
KiloView Encoder Series E1 hardware Version 1.4 Affected: 4.7.2516
Create a notification for this product.
    KiloView Encoder Series E1 hardware Version 1.6.20 Affected: 4.7.2511
Affected: 4.8.2523
Affected: 4.8.2611
Affected: 4.6.2400
Affected: 4.7.2512
Affected: 4.8.2561
Affected: 4.8.2554
Affected: 4.3.2029
Affected: 4.8.2555
Affected: 4.6.2408
Create a notification for this product.
    KiloView Encoder Series E1-s hardware Version 1.4 Affected: 4.7.2516
Affected: 4.8.2519
Affected: 4.8.2525
Affected: 4.8.2611
Affected: 4.8.2561
Affected: 4.8.2554
Affected: 4.8.2523
Create a notification for this product.
    KiloView Encoder Series E2 hardware Version 1.7.20 Affected: 4.8.2611
Affected: 4.8.2561
Create a notification for this product.
    KiloView Encoder Series E2 hardware Version 1.8.20 Affected: 4.8.2523
Affected: 4.8.2611
Affected: 4.8.2554
Create a notification for this product.
    KiloView Encoder Series G1 hardware Version 1.6.20 Affected: 4.8.2561
Create a notification for this product.
    KiloView Encoder Series P1 hardware Version 1.3.20 Affected: 4.8.2633
Affected: 4.8.2608
Create a notification for this product.
    KiloView Encoder Series P2 hardware Version 1.8.20 Affected: 4.8.2633
Create a notification for this product.
    KiloView Encoder Series RE1 hardware Version 2.0.00 Affected: 4.7.2513
Create a notification for this product.
    KiloView Encoder Series RE1 hardware Version 3.0.00 Affected: 4.8.2519
Affected: 4.8.2561
Affected: 4.8.2611
Affected: 4.8.2525
Create a notification for this product.
Credits
Muhammad Ammar (0xam225) reported this vulnerability to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1453",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-29T20:28:37.966375Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-29T20:28:55.866Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series E1 hardware Version 1.4",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.7.2516"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series E1 hardware Version 1.6.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.7.2511"
            },
            {
              "status": "affected",
              "version": "4.8.2523"
            },
            {
              "status": "affected",
              "version": "4.8.2611"
            },
            {
              "status": "affected",
              "version": "4.6.2400"
            },
            {
              "status": "affected",
              "version": "4.7.2512"
            },
            {
              "status": "affected",
              "version": "4.8.2561"
            },
            {
              "status": "affected",
              "version": "4.8.2554"
            },
            {
              "status": "affected",
              "version": "4.3.2029"
            },
            {
              "status": "affected",
              "version": "4.8.2555"
            },
            {
              "status": "affected",
              "version": "4.6.2408"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series E1-s hardware Version 1.4",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.7.2516"
            },
            {
              "status": "affected",
              "version": "4.8.2519"
            },
            {
              "status": "affected",
              "version": "4.8.2525"
            },
            {
              "status": "affected",
              "version": "4.8.2611"
            },
            {
              "status": "affected",
              "version": "4.8.2561"
            },
            {
              "status": "affected",
              "version": "4.8.2554"
            },
            {
              "status": "affected",
              "version": "4.8.2523"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series E2 hardware Version 1.7.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2611"
            },
            {
              "status": "affected",
              "version": "4.8.2561"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series E2 hardware Version 1.8.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2523"
            },
            {
              "status": "affected",
              "version": "4.8.2611"
            },
            {
              "status": "affected",
              "version": "4.8.2554"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series G1 hardware Version 1.6.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2561"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series P1 hardware Version 1.3.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2633"
            },
            {
              "status": "affected",
              "version": "4.8.2608"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series P2 hardware Version 1.8.20",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2633"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series RE1 hardware Version 2.0.00",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.7.2513"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Encoder Series RE1 hardware Version 3.0.00",
          "vendor": "KiloView",
          "versions": [
            {
              "status": "affected",
              "version": "4.8.2519"
            },
            {
              "status": "affected",
              "version": "4.8.2561"
            },
            {
              "status": "affected",
              "version": "4.8.2611"
            },
            {
              "status": "affected",
              "version": "4.8.2525"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Muhammad Ammar (0xam225) reported this vulnerability to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e"
            }
          ],
          "value": "A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "other": {
            "content": {
              "options": [
                {
                  "Exploitation": "none"
                },
                {
                  "Automatable": "yes"
                },
                {
                  "Technical Impact": "total"
                }
              ],
              "role": "CNA",
              "version": "2.0.3"
            },
            "type": "ssvc"
          },
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-29T19:02:26.431Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing Authentication for Critical Function in KiloView Encoder Series",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation.\n\n\u003cbr\u003e"
            }
          ],
          "value": "KiloView has not responded to requests to work with CISA to mitigate \nthis vulnerability. Users of affected versions of KiloView Encoder \nSeries are invited to contact KiloView customer support for additional \ninformation."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-1453",
    "datePublished": "2026-01-29T19:02:26.431Z",
    "dateReserved": "2026-01-26T19:48:46.732Z",
    "dateUpdated": "2026-01-29T20:28:55.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-1453\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2026-01-29T19:16:18.987\",\"lastModified\":\"2026-01-29T19:16:18.987\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"references\":[{\"url\":\"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01\",\"source\":\"ics-cert@hq.dhs.gov\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-1453\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-29T20:28:37.966375Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-29T20:28:48.081Z\"}}], \"cna\": {\"title\": \"Missing Authentication for Critical Function in KiloView Encoder Series\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Muhammad Ammar (0xam225) reported this vulnerability to CISA.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"role\": \"CNA\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\"}}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"KiloView\", \"product\": \"Encoder Series E1 hardware Version 1.4\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.2516\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series E1 hardware Version 1.6.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.2511\"}, {\"status\": \"affected\", \"version\": \"4.8.2523\"}, {\"status\": \"affected\", \"version\": \"4.8.2611\"}, {\"status\": \"affected\", \"version\": \"4.6.2400\"}, {\"status\": \"affected\", \"version\": \"4.7.2512\"}, {\"status\": \"affected\", \"version\": \"4.8.2561\"}, {\"status\": \"affected\", \"version\": \"4.8.2554\"}, {\"status\": \"affected\", \"version\": \"4.3.2029\"}, {\"status\": \"affected\", \"version\": \"4.8.2555\"}, {\"status\": \"affected\", \"version\": \"4.6.2408\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series E1-s hardware Version 1.4\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.2516\"}, {\"status\": \"affected\", \"version\": \"4.8.2519\"}, {\"status\": \"affected\", \"version\": \"4.8.2525\"}, {\"status\": \"affected\", \"version\": \"4.8.2611\"}, {\"status\": \"affected\", \"version\": \"4.8.2561\"}, {\"status\": \"affected\", \"version\": \"4.8.2554\"}, {\"status\": \"affected\", \"version\": \"4.8.2523\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series E2 hardware Version 1.7.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2611\"}, {\"status\": \"affected\", \"version\": \"4.8.2561\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series E2 hardware Version 1.8.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2523\"}, {\"status\": \"affected\", \"version\": \"4.8.2611\"}, {\"status\": \"affected\", \"version\": \"4.8.2554\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series G1 hardware Version 1.6.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2561\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series P1 hardware Version 1.3.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2633\"}, {\"status\": \"affected\", \"version\": \"4.8.2608\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series P2 hardware Version 1.8.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2633\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series RE1 hardware Version 2.0.00\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.2513\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"KiloView\", \"product\": \"Encoder Series RE1 hardware Version 3.0.00\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.2519\"}, {\"status\": \"affected\", \"version\": \"4.8.2561\"}, {\"status\": \"affected\", \"version\": \"4.8.2611\"}, {\"status\": \"affected\", \"version\": \"4.8.2525\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-26-029-01\"}, {\"url\": \"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"KiloView has not responded to requests to work with CISA to mitigate \\nthis vulnerability. Users of affected versions of KiloView Encoder \\nSeries are invited to contact KiloView customer support for additional \\ninformation.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"KiloView has not responded to requests to work with CISA to mitigate \\nthis vulnerability. Users of affected versions of KiloView Encoder \\nSeries are invited to contact KiloView customer support for additional \\ninformation.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2026-01-29T19:02:26.431Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-1453\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-29T20:28:55.866Z\", \"dateReserved\": \"2026-01-26T19:48:46.732Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2026-01-29T19:02:26.431Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.