KiloView Encoder Series (Update A)

Plan Patch | CVSS 9.8 | ICS-CERT ICSA-26-029-01 | Jan 29, 2026
Attack path
  • Attack Vector: Network
  • Auth Required: None
  • Complexity: Low
  • User Interaction: None needed
Summary

KiloView Encoder Series devices (RE1, E1, E1-s, G1, P1, P2, E2) are vulnerable to unauthorized administrator account creation or deletion. An unauthenticated attacker with network access can create new administrative accounts or remove existing ones, gaining full control of the encoder. The vulnerability exists due to missing or inadequate authentication checks on account management functions. Affected hardware versions include RE1 (4.8.2519, 4.8.2561, 4.8.2611, 4.8.2525, 4.7.2513), E1 (4.7.2511, 4.8.2523, 4.8.2611, 4.6.2400, 4.7.2512, 4.8.2561, 4.8.2554, 4.3.2029, 4.8.2555, 4.6.2408, 4.7.2516), E1-s (4.7.2516, 4.8.2519, 4.8.2525, 4.8.2611, 4.8.2561, 4.8.2554, 4.8.2523), G1 (4.8.2561), P1 (4.8.2633, 4.8.2608), P2 (4.8.2633), and E2 (4.8.2611, 4.8.2561, 4.8.2523, 4.8.2554). KiloView has designated these hardware versions as end-of-life and will not release patches due to hardware limitations.

What this means
What could happen
An unauthenticated attacker on the network could create or delete administrator accounts on KiloView Encoder devices, gaining full control. This could allow them to modify video encoding settings, disable monitoring, or disrupt operations on any connected encoders.
Who's at risk
Organizations using KiloView Encoder Series devices (RE1, E1, E1-s, G1, P1, P2, E2 models) for video encoding and streaming in broadcast, surveillance, or industrial monitoring applications. This affects encoding equipment used in remote site monitoring, SCADA video feeds, and facility surveillance systems.
How it could be exploited
An attacker on the network sends unauthenticated requests to the Encoder's administrative interface. The device fails to properly validate authentication, allowing account creation/deletion without credentials. The attacker establishes admin access and controls the encoder.
Prerequisites
  • Network access to the KiloView Encoder device and its administrative port (typically HTTP/HTTPS)
  • No credentials required
remotely exploitable | no authentication required | low complexity | no patch available | affects monitoring/control visibility
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (10)
10 EOL
Product | Affected Versions | Fix Status
Encoder Series RE1 hardware | 4.8.2519, 4.8.2561, 4.8.2611, 4.8.2525 | No fix (EOL)
Encoder Series E1 hardware | 4.7.2511, 4.8.2523, 4.8.2611, 4.6.2400, 4.7.2512, 4.8.2561, 4.8.2554, 4.3.2029, 4.8.2555, 4.6.2408 | No fix (EOL)
Encoder Series E1-s hardware | 4.7.2516, 4.8.2519, 4.8.2525, 4.8.2611, 4.8.2561, 4.8.2554, 4.8.2523 | No fix (EOL)
Encoder Series G1 hardware | Software 4.8.2561 | No fix (EOL)
Encoder Series P1 hardware | 4.8.2633, 4.8.2608 | No fix (EOL)
Encoder Series P2 hardware | Software 4.8.2633 | No fix (EOL)
Encoder Series RE1 hardware | Software 4.7.2513 | No fix (EOL)
Encoder Series E1 hardware | Software 4.7.2516 | No fix (EOL)
Remediation & Mitigation
Do now
  • HARDENING: Isolate affected KiloView Encoder devices from untrusted networks using firewall rules. Allow administrative access only from authorized engineering workstations or control networks.
  • WORKAROUND: Disable remote administrative access to the Encoder device if not operationally required. Access administration only from locally connected workstations.
  • HARDENING: Monitor Encoder device access logs for suspicious administrator account creation or deletion events.
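
One way to verify that the isolation rule in the first item actually holds, as an added example that is not part of the advisory or any KiloView tooling: scan firewall flow records for connections to an encoder's administrative ports from sources outside the authorized engineering subnet. The encoder addresses, the authorized subnet and the comma-separated log layout are assumptions, and the sample records are constructed.

```python
import ipaddress

# Assumptions (site-specific, not from the advisory): encoder addresses,
# the authorized engineering subnet, and the flow-log layout below.
ENCODERS = {ipaddress.ip_address(a) for a in ("10.20.30.11", "10.20.30.12")}
AUTHORIZED = [ipaddress.ip_network("10.20.40.0/28")]
ADMIN_PORTS = {80, 443}  # advisory: admin interface is typically HTTP/HTTPS

# Constructed sample records: timestamp,src_ip,dst_ip,dst_port,action
SAMPLE_FLOWS = """\
2026-01-30T08:01:12Z,10.20.40.5,10.20.30.11,443,ALLOW
2026-01-30T08:03:40Z,10.20.50.77,10.20.30.11,80,ALLOW
2026-01-30T08:04:02Z,10.20.50.77,10.20.30.12,554,ALLOW
2026-01-30T08:05:19Z,192.0.2.44,10.20.30.12,443,DENY
not,a,valid,record
2026-01-30T08:06:55Z,192.0.2.44,10.20.30.12,443,ALLOW
"""

def parse_flow(line):
    """Return (ts, src, dst, port, action) or None for malformed lines."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) != 5:
        return None
    try:
        return (parts[0], ipaddress.ip_address(parts[1]),
                ipaddress.ip_address(parts[2]), int(parts[3]), parts[4].upper())
    except ValueError:
        return None

def unauthorized_admin_flows(log_text):
    """Flows aimed at an encoder admin port from outside AUTHORIZED."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_flow(line)
        if rec is None:
            continue  # skip malformed records instead of aborting the scan
        ts, src, dst, port, action = rec
        if dst not in ENCODERS or port not in ADMIN_PORTS:
            continue
        if any(src in net for net in AUTHORIZED):
            continue
        # ALLOW means the isolation rule is missing; DENY means it held.
        findings.append({"time": ts, "src": str(src), "dst": str(dst),
                         "port": port, "blocked": action == "DENY"})
    return findings

if __name__ == "__main__":
    for f in unauthorized_admin_flows(SAMPLE_FLOWS):
        status = "blocked" if f["blocked"] else "REACHED DEVICE"
        print(f'{f["time"]} {f["src"]} -> {f["dst"]}:{f["port"]} {status}')
```

Any finding with `blocked` set to false is a path by which an unauthenticated request could reach the account management functions, and should be closed at the firewall.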
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Upgrade to newer KiloView Encoder hardware generations that are not end-of-life and have received security patches.
Long-term hardening
  • HOTFIX: Contact KiloView customer support to confirm if any interim security firmware updates are available for your specific Encoder model.