Recently, [Jeff Geerling] dropped into the bad press feeding frenzy around Sipeed’s NanoKVM, most notably because of a ‘hidden’ microphone that should have no business on a remote KVM solution. The problem with that reporting is, as [Jeff] points out in the video below, that the NanoKVM – technically the NanoKVM-Cube – is merely a software solution that got put on an existing development board, the LicheeRV Nano, along with an HDMI-in board. The microphone exists on that board and didn’t get removed for the new project, and it is likely that much of the Linux image is also reused.
Of course, the security report that caused so much fuss was published back in February of 2025, and some of the issues pertaining to poor remote security have been addressed since then on the public GitHub repository. While these were valid concerns that should be addressed, the microphone should not be a concern, as it’d require someone to be logged into the device to even use it, at which point you probably have bigger problems.
Security considerations aside, having a microphone in place on a remote KVM solution could also be very useful, as dutifully pointed out in the comments by [bjoern.photography], who notes that being able to listen to beeps on boot could be very useful while troubleshooting a stricken system. We imagine the same is true for other system sounds, such as fan or cooling pump noises. Maybe all remote KVM solutions should have microphone arrays?
Of course, if you don’t like the NanoKVM, you could always roll your own.
Top image: the NanoKVM bundle from [Jeff]’s original review. (Credit: [Jeff Geerling])

The (excellent) GL.Inet IP KVMs include a microphone and speaker, and expose that functionality via the Web UI.
This is a gross misrepresentation. While it’s true that there is a microphone, that isn’t their most egregious transgression. The software it ships paints a far more damning picture.
Why does this extremely pared-back Linux install contain TCPdump? And aricrack? If this microphone is an incidental hardware feature, why did they add ALSA software tools like amixer and arecord which make it immediately available for use by scripts? And of course it routes all its DNS queries through Chinese servers.
And then on top of that this thing has terrible security. It shipped with a preset password and out-of-box SSH access. The web interface lacks CSRF defenses and doesn’t have any way to invalidate sessions. The key used to protect login passwords is hardcoded and shared across all devices. “According to the researcher, this had to be explained to the developers ‘multiple times’ before they acknowledged the issue.”
In my humble opinion, the picture this paints is that seeed is “seeding” the world with vulnerable KVM modules which are ripe to be taken over later by adversaries who will be able to simply drop a shellscript-based payload and find all the binaries they could ever want for pivoting their attack. And that’s in addition to any high-value targets attached to the KVMs themselves.
https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in-sipeed-nanokvm suggests that users install one of a few different alternative OS images to wipe out all of the above, but tbh I’d rather go with anything else.
Those “alternative OS” are not referenced anywhere in the article, and I personally could not find anything on the web in regards to any build of them (i.e., pikvm) existing anywhere.
I have 4 of them NanoKVM that I purchased before the article in February came out and I’m just sitting on them (tested a bit).
If you could actually provide a link to those “alternative OS”, that’d be great.
aircrack*
Seriously. What the hell is aircrack doing on a KVM device.
Thanks for reporting on this; I missed out on the February reports and nearly bought some Sipeed FPGAs a month ago before talking myself into waiting (too many projects on plate already). Will look elsewhere in the future; not sure what happened here, but that’s too much evidence of at least one bad actor.
The only thing that makes any of these claims materially interesting is that the device is Chinese; I’ve seen routers and other network appliances from non-Chinese suppliers with the same flaws.
As I understood it, the firmware is still in development; it makes sense that a network device has tcpdump for diagnostic purposes; aircrack also has non-malicious uses too.
The real question is: would they have left those tools in place on retail firmware?
It’s nice to know, however, that anti-Chinese sentiment still exists in the West.
I enthusiastically and almost exclusively buy Chinese boards and MCUs anymore; I’ve abandoned Western brands like ARM and STMicro, Raspberry Pi and Arduino, but still have some favored brands like Mikrotik for routing. If you’ve got evidence of security problems/sloppiness this extensive on widely-used Western boards or routing equipment, def let us know, because I’m pretty ignorant of it (though I also probably don’t use them anymore and wouldn’t care).
It’s a pretty bold claim that people would be concerned about these issues primarily out of bigotry; it’s not necessarily a China problem, but it is necessarily a Sipeed problem.
The reason for a lot of those features could just be that it is built on top of the Linux image for the dev board that it contains, which means it makes sense to come with microphone support.
Given the wide availability of small microphones and cameras, and big tech’s data farming shenanigans, I’m surprised we don’t see more of this.