CVE-2026-32297 ANGEET CVE debrief

Who should care

Organizations using Angeet ES3 KVM devices should prioritize patching or mitigating this vulnerability to prevent potential system compromise. Security teams and system administrators responsible for managing KVM devices are particularly concerned. Given the HIGH severity and potential impact, swift action is recommended.

Technical summary

CVE-2026-32297 is an unauthenticated arbitrary file write vulnerability in Angeet ES3 KVM devices. The vulnerability allows remote attackers to write arbitrary files, including configuration files and system binaries, without authentication. This could lead to complete system control if exploited. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, indicating a Network attack vector with Low complexity and High impact on Integrity. No fix is currently available, and affected products include ANGEET ES3 KVM versions prior to an unspecified fix.

Defensive priority

High priority should be given to identifying and mitigating this vulnerability in Angeet ES3 KVM devices. Organizations should review their inventory for affected devices and consider compensating controls until a patch is available.

Recommended defensive actions

• Inventory and identify all Angeet ES3 KVM devices within the organization.
• Implement network segmentation to limit access to KVM devices until a patch is available.
• Monitor for suspicious activity related to file writes on KVM devices.
• Consider temporary removal or isolation of KVM devices if feasible.
• Engage with the vendor for updates on a forthcoming patch.

Evidence notes

The CVE and source item provide details on the vulnerability. The source item, from CISA CSAF, describes the vulnerability and affected products. Multiple references are provided, including the official CVE record and NVD detail. However, the evidence is limited by the lack of a clear fix or detailed affected product information.

Official resources