{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5386", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2026-04-01T20:46:32.932Z", "datePublished": "2026-05-29T16:25:17.079Z", "dateUpdated": "2026-05-29T16:25:17.079Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-05-29T16:25:17.079Z"}, "title": "KMW CCTV Security Cameras Unverified Password Change", "datePublic": "2026-05-28T16:21:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-620", "description": "CWE-620 Unverified Password Change", "type": "CWE"}]}], "affected": [{"vendor": "KMW", "product": "KM-IP521", "versions": [{"status": "affected", "version": "4.04.91.230307"}], "defaultStatus": "unaffected"}, {"vendor": "KMW", "product": "KM-IP421", "versions": [{"status": "affected", "version": "4.04.53.210416"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The affected\u00a0KMW CCTV Security Cameras are\u00a0vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The affected&nbsp;KMW CCTV Security Cameras are&nbsp;vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings."}]}], "references": [{"url": "https://main.kmw.ro/pub/Firmware/521_421.zip"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-06"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-06.json"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseSeverity": "CRITICAL", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}}], "workarounds": [{"lang": "en", "value": "KMW recommends connecting surveillance equipment on a separate network, allow only specific devices access to the internet, check for firmware updates regularly, and use cloud connections responsibly.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span>KMW recommends connecting surveillance equipment on a separate network, allow only specific devices access to the internet, check for firmware updates regularly, and use cloud connections responsibly.</span>"}]}], "solutions": [{"lang": "en", "value": "KMW has issued a firmware update to address this vulnerability. The firmware update can be found at:\u00a0\n https://main.kmw.ro/pub/Firmware/521_421.zip \n\n\n\n\nKM-IP421 - will lose the cloud authorization after this update so users will need to contact customer support to re-authorize the P2P connection.\n\n\n\n\n\nIf there are any issues customers are encouraged to contact KMW directly.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span>KMW has issued a firmware update to address this vulnerability. The firmware update can be found at:&nbsp;</span><br><div><a href=\"https://main.kmw.ro/pub/Firmware/521_421.zip\">https://main.kmw.ro/pub/Firmware/521_421.zip</a></div><div><span><br></span></div><div><span>KM-IP421 - will lose the cloud authorization after this update so users will need to contact customer support to re-authorize the P2P connection.</span></div><div><span><br></span></div><div>\n<span>If there are any issues customers are encouraged to contact KMW directly.</span></div>"}]}], "credits": [{"lang": "en", "value": "Souvik Kandar reported this vulnerability to CISA.", "type": "finder"}], "source": {"advisory": "ICSA-26-148-06", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The affected\u00a0KMW CCTV Security Cameras are\u00a0vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings."}], "id": "CVE-2026-5386", "lastModified": "2026-05-29T18:17:12.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2026-05-29T18:17:12.867", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-06.json"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://main.kmw.ro/pub/Firmware/521_421.zip"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-06"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-620"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{}