zlacker

>>ementa+(OP)
I recently discovered a similar concerning security issue with my KVM. In my case it was a pretty standard KVM for multiple machines to share a keyboard, mouse, and screen but also Ethernet. One day while looking at my home network I noticed the KVM had its own IP and was transferring GBs of data everyday. I quickly blocked it from my network. But having used it for a number of months I worried that with screen capture and access to all my input devices, someone could have gotten access to pretty much everything I use. I wasn’t able to figure out if any data was actually being sent off my network and I really didn’t want to put myself in any more risk so I just threw it in an electronics recycling bin. Pretty scary what a network connected KVM could maliciously do.

>>jlward+Cc
Is it possible for you to name the KVM model?

It sounds like a potential risk is to the public.

>>Coasta+Fh
It is this one: https://www.amazon.com/dp/B0CP4PD3SM

I did post a review there citing my security concerns.

Honestly I didn't go further with the investigation because if someone really has all my data, I'm worried about retribution.

>>jlward+RI
Was the network port bridged to both PCs all the time (as the description makes it sound, or did only the "active" PC get a functioning network connection? Could you tell from the FDB of the upstream device, if there were more than two MAC addresses active on the port? Did you (hopefully) open it up and make PCB pictures before chucking it?

>>stragi+a11
The network was active for both machines connected to it. And it had its own IP. So 3 MAC addresses in total. I didn't ever open it up. But maybe someone will be interested in buying one and exploring more.