CVE Catalog

CVE-2026-5386

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.59%

43th percentile — higher than 43% of all known CVEs

Summary

The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.

Risk Assessment

This vulnerability poses a serious risk to organizations as it allows unauthorized access to surveillance systems. It could lead to a loss of data confidentiality and privacy breaches.

Recommendation

It is recommended to immediately update the camera firmware and implement strong authentication mechanisms. Additionally, monitoring access to the systems is advised to detect potential attack attempts.

Original NVD description (English source)

The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS