Primary

Context

Keysight Ixia Vision Hardcoded Cryptographic Material Vulnerability Allowing Interception or Decryption of API Payloads

Vulnerability

A vulnerability exists in Keysight Ixia Vision due to hardcoded cryptographic material, which may enable an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication. This issue arises if the end user does not replace the default TLS certificate that comes with the device. The vulnerability is present in version 6.3.1 of the Ixia Vision Product Family.

Impact

Exploitation of this vulnerability could allow an attacker to intercept or decrypt sensitive payloads sent to the device, potentially leading to unauthorized access or manipulation of data.

Remediation

Users are advised to upgrade to version 6.9.1, released on September 23, 2025. For more information, visit the Keysight Ixia product support page.

Added: Sep 30, 2025, 11:22 PM

Updated: Sep 30, 2025, 11:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Keysight Ixia Vision Hardcoded Cryptographic Material Vulnerability Allowing Interception or Decryption of API Payloads

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating