Description
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.
Published: 2026-05-29
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability permits an unauthenticated reset of the administrator password to a known value, allowing an attacker to gain full control of camera feeds and configuration settings. This flaw aligns with CWE‑620 and effectively removes the device’s authentication barrier, making it possible to manipulate or view sensitive security footage without permission.

Affected Systems

The affected devices are KMW KM‑IP421 and KM‑IP521 security cameras. Firmware updates are available from KMW’s repository, but specific version ranges are not disclosed in the advisory. After applying the update, KM‑IP421 may lose cloud authorization, requiring re‑authorization of P2P connections via customer support.

Risk and Exploitability

The CVSS score of 9.1 indicates high severity, and while an EPSS score is not available, the lack of authentication implies a straightforward network‑based exploitation path. Based on the description, it is inferred that the attacker can issue an unauthenticated password reset command over a network connection to the camera, granting immediate full control. The flaw is not listed in CISA’s KEV catalog, but the ease of resetting passwords without credentials makes it a significant risk in networks where these cameras are directly exposed.

Generated by OpenCVE AI on May 29, 2026 at 18:52 UTC.

Remediation

Vendor Solution

KMW has issued a firmware update to address this vulnerability. The firmware update can be found at:  https://main.kmw.ro/pub/Firmware/521_421.zip KM-IP421 - will lose the cloud authorization after this update so users will need to contact customer support to re-authorize the P2P connection. If there are any issues customers are encouraged to contact KMW directly.

Vendor Workaround

KMW recommends connecting surveillance equipment on a separate network, allow only specific devices access to the internet, check for firmware updates regularly, and use cloud connections responsibly.

OpenCVE Recommended Actions

  • Apply the latest firmware update from the KMW site.
  • Re‑authorize any P2P connections on KM‑IP421 by contacting KMW support after the update.
  • If the update cannot be applied immediately, isolate the cameras on a separate network and restrict internet access to only trusted devices.
  • Continuously monitor for and install future firmware releases to ensure the vulnerability is remediated.

Generated by OpenCVE AI on May 29, 2026 at 18:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 30 May 2026 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Kmw
Kmw km-ip421
Kmw km-ip521
Vendors & Products Kmw
Kmw km-ip421
Kmw km-ip521

Fri, 29 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.
Title KMW CCTV Security Cameras Unverified Password Change
Weaknesses CWE-620
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

Kmw Km-ip421 Km-ip521
cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-05-29T19:30:48.817Z

Reserved: 2026-04-01T20:46:32.932Z

Link: CVE-2026-5386

cve-icon Vulnrichment

Updated: 2026-05-29T19:30:44.624Z

cve-icon NVD

Status : Deferred

Published: 2026-05-29T18:17:12.867

Modified: 2026-06-16T16:03:27.593

Link: CVE-2026-5386

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-30T21:18:28Z

Weaknesses
  • CWE-620

    Unverified Password Change