Keysight Ixia Vision Product Family Path Traversal Vulnerability Leading to Arbitrary File Deletion
Vulnerability
A path traversal vulnerability has been identified in the Keysight Ixia Vision Product Family, specifically in version 6.3.1. This vulnerability may allow for arbitrary file deletion. While the issue could be exploited by a user with administrative privileges, it is not accessible to regular users. Additionally, this vulnerability could be exploited in conjunction with other identified issues, potentially leading to a more significant compromise of the device.
Impact
Exploitation of this vulnerability could result in unauthorized deletion of files, with the potential for causing a buffer overflow condition that may allow remote code execution.
Remediation
Users are advised to upgrade to version 6.8.0, which will be released on March 1, 2025. For more information about the Ixia Vision Product Family, visit the Ixia product support page. Keysight also recommends discontinuing the use of older software versions.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.