Keysight Ixia Vision Product Family Path Traversal Vulnerability Allowing Remote Code Execution
Vulnerability
A path traversal vulnerability has been identified in the Keysight Ixia Vision Product Family, specifically in version 6.3.1. It allows remote code execution by users with privileged accounts, such as device administrators. The issue arises from improper limitation of file paths, which could be exploited together with the 'Upload' functionality to execute arbitrary scripts or potentially run uploaded binaries.
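The weakness class described above, improper limitation of file paths on an upload, is shown here as an added example that is not Keysight's code or fix: an unchecked join next to a containment check on the resolved path. `UPLOAD_ROOT`, the function names and the sample file names are assumptions constructed for illustration.

```python
import os
from pathlib import Path

# Hypothetical upload directory; the advisory does not name the real one.
UPLOAD_ROOT = Path("/var/lib/example-appliance/uploads")


class UnsafeUploadPath(ValueError):
    """Raised when a client-supplied name resolves outside the upload root."""


def naive_destination(filename: str, root: Path = UPLOAD_ROOT) -> Path:
    # Weak pattern: the client-supplied name is joined as-is, so ".."
    # segments or an absolute path decide where the file is written.
    return Path(os.path.normpath(os.path.join(root, filename)))


def safe_destination(filename: str, root: Path = UPLOAD_ROOT) -> Path:
    if not filename or "\x00" in filename:
        raise UnsafeUploadPath("empty name or NUL byte")
    # Treat backslashes as separators so Windows-style names get the same check.
    normalized = filename.replace("\\", "/")
    base = root.resolve()
    # resolve() collapses ".." and follows existing symlinks before the check.
    candidate = (base / normalized).resolve()
    # The result must sit strictly below the root: not the root itself, not a
    # sibling such as "uploads-old", not any ancestor.
    if base not in candidate.parents:
        raise UnsafeUploadPath(f"{filename!r} resolves outside {base}")
    return candidate


def is_accepted(filename: str, root: Path = UPLOAD_ROOT) -> bool:
    try:
        safe_destination(filename, root)
        return True
    except UnsafeUploadPath:
        return False


if __name__ == "__main__":
    # Constructed sample names, not taken from the advisory.
    for name in ["reports/capture.pcap", "../../outside.sh", "/tmp/outside.sh",
                 "..\\..\\outside.sh", "logs/../../uploads-old/x", "."]:
        print(f"{name!r:32} naive={naive_destination(name)} accepted={is_accepted(name)}")
```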
Impact
Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected device.
Remediation
Keysight recommends that all users upgrade to version 6.7.0 or later. For more information about the Ixia Vision Product Family, visit the Ixia product support page. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA.
