PatchSiren

CVE-2025-21095 Keysight CVE debrief

CVE-2025-21095 is a Keysight Ixia Vision Product Family issue where path traversal may allow arbitrary file download. CISA’s advisory lists the affected product as Keysight Ixia Vision Product Family 6.3.1 and notes remediation in version 6.8.0. The advisory also states that, in combination with other issues, this flaw may help further compromise the device.

Vendor: Keysight
Product: Ixia Vision Product Family
CVSS: MEDIUM 4.9
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-03-04
Original CVE updated: 2025-09-30
Advisory published: 2025-03-04
Advisory updated: 2025-09-30

Who should care

Organizations operating Keysight Ixia Vision Product Family deployments, especially any instance running version 6.3.1 or older, as well as OT/ICS administrators, vulnerability managers, and teams responsible for controlling access to management interfaces.

Technical summary

The source CSAF advisory describes a path traversal weakness that may enable arbitrary download of files. The published CVSS vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, which yields a 4.9 medium severity score and reflects that elevated privileges are required. CISA further notes that the issue can contribute to further compromise when combined with other vulnerabilities. Remediation is available in version 6.8.0.

Defensive priority

Medium; prioritize upgrade if the product is exposed to broader administrative access or could be chained with other weaknesses.

Recommended defensive actions

  • Upgrade Keysight Ixia Vision Product Family to version 6.8.0 or later as soon as practical.
  • Inventory deployments to confirm whether version 6.3.1 or earlier is in use.
  • Restrict administrative access to the device and follow least-privilege principles for all management accounts.
  • Apply CISA ICS recommended practices and review file access activity for unusual download behavior.

Evidence notes

CISA’s CSAF advisory ICSA-25-063-02, published 2025-03-04, identifies CVE-2025-21095 and the affected product as Keysight Ixia Vision Product Family: 6.3.1. The advisory states that remediation is available in version 6.8.0, released on 2025-03-01. The CVSS information provided in the source is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N with a score of 4.9. The advisory revision history shows Update A on 2025-09-30 added CVE-2025-24525 and did not change the core description of this issue.

Official resources

Publicly disclosed by CISA on 2025-03-04 in advisory ICSA-25-063-02; a later Update A on 2025-09-30 added a separate CVE and did not change the original issue’s core summary.