Kiloview N30 Hardcoded TLS Private Key and Certificate Vulnerability Allowing Man-in-the-Middle Attacks
Vulnerability
Kiloview N30 firmware version 2.02.246 contains a hardcoded TLS private key and certificate. This flaw allows an adversary to perform a man-in-the-middle attack over the network.
Impact
Exploitation of this vulnerability could lead to a man-in-the-middle attack, allowing an adversary to intercept and potentially alter communications.
Remediation
Users can upgrade to Kiloview N30 firmware version 3.01, which addresses this vulnerability. However, upgrading from version 2.x to 3.01 requires first installing an intermediate upgrade package, N30-9999-upgrade-firmware.
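A fleet check for the symptom described above, added here as an example and not taken from the vendor or the advisory: a certificate hardcoded in firmware is presented unchanged by every device running that firmware, so identical fingerprints across hosts identify units still using it. The function names, host addresses and sample bytes are constructed for illustration, and known_default is left empty because the advisory does not publish the certificate's fingerprint.

```python
import hashlib
import ssl
from collections import defaultdict


def fetch_der(host, port=443, timeout=5.0):
    """Fetch the leaf certificate a device presents (no validation is done).

    Not called in the sample below; the timeout argument needs Python 3.10+.
    """
    pem = ssl.get_server_certificate((host, port), timeout=timeout)
    return ssl.PEM_cert_to_DER_cert(pem)


def fingerprint(der):
    """SHA-256 over the DER encoding, the usual certificate fingerprint."""
    return hashlib.sha256(der).hexdigest()


def audit(certs_by_host, known_default=frozenset()):
    """Return {fingerprint: [hosts]} for certificates worth investigating.

    A certificate is flagged when more than one host presents it (shared
    key pair) or when its fingerprint is in known_default, a set the
    operator fills in from a certificate extracted from the affected firmware.
    """
    groups = defaultdict(list)
    for host, der in certs_by_host.items():
        groups[fingerprint(der)].append(host)
    return {
        fp: sorted(hosts)
        for fp, hosts in groups.items()
        if len(hosts) > 1 or fp in known_default
    }


# Constructed stand-ins for DER bytes collected from an inventory scan;
# in practice build this dict with fetch_der() for each managed device.
SAMPLE = {
    "10.0.0.11": b"constructed-der-shared",
    "10.0.0.12": b"constructed-der-shared",
    "10.0.0.13": b"constructed-der-unique",
}

if __name__ == "__main__":
    for fp, hosts in audit(SAMPLE).items():
        print(fp[:16], hosts)
```

Running the same audit after the firmware upgrade shows whether any device still presents the shared certificate.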
