CVE-2025-24521 affects the Keysight Ixia Vision Product Family and was published by CISA on 2025-03-04. The advisory says an external XML entity injection issue can allow arbitrary download of files, and that in combination with other issues it may help further compromise the device. Keysight states remediation is available in version 6.8.0, released on 2025-03-01. Organizations using affected Ixia Vision [truncated]
CVE-2025-24494 affects the Keysight Ixia Vision Product Family and is rated HIGH (CVSS 7.2). The advisory says the issue is a path traversal vulnerability that may enable remote code execution when an attacker already has a privileged device admin account. Keysight also notes that, combined with the product’s Upload functionality, the flaw could be used to execute an arbitrary script or possibly upload a [truncated]
