CVE-2023-41920

Summary

The vulnerability allows attackers access to the root account without having to authenticate. Specifically, if the device is configured with the IP address of 10.10.10.10, the root user is automatically logged in.

Affected Software

VendorProductVersion RangeStatus
KiloviewP1/P2All <= 4.8.2605affected

Weaknesses

  • CWE-305: CWE-305 Authentication Bypass by Primary Weakness

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References