PT-2025-41763 · Kiloview · Kiloview N30
Louis Dumas · Published 2025-10-13 · Updated 2025-10-13 · CVE-2025-8915
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Name of the Vulnerable Software and Affected Versions
Kiloview N30 version 2.02.246
Description
The firmware contains a hardcoded TLS private key and certificate. This allows a malicious actor to perform a man-in-the-middle attack over the network.
Recommendations
It is recommended to upgrade the device firmware to the fixed version 3.01, released on October 11, 2025. This version includes security enhancements that address this vulnerability, among other potential issues.
Important Note: Due to changes in the firmware upgrade mechanism, upgrading from version 2.x requires first installing an intermediate upgrade package (N30-9999-upgrade-firmware). After installing this intermediate package, a manual refresh of the web interface is required before proceeding with the upgrade to version 3.01.
Fix
Information Disclosure
Affected Products
Kiloview N30