CVE-2025-24521 affects the Keysight Ixia Vision Product Family and was published by CISA on 2025-03-04. The advisory says an external XML entity injection issue can allow arbitrary download of files, and that in combination with other issues it may help further compromise the device. Keysight states remediation is available in version 6.8.0, released on 2025-03-01. Organizations using affected Ixia Vision [truncated]
CVE-2025-24494 affects the Keysight Ixia Vision Product Family and is rated HIGH (CVSS 7.2). The advisory says the issue is a path traversal vulnerability that may enable remote code execution when an attacker already has a privileged device admin account. Keysight also notes that, combined with the product’s Upload functionality, the flaw could be used to execute an arbitrary script or possibly upload a [truncated]
CVE-2025-23416 is a path traversal flaw in the Keysight Ixia Vision Product Family that may allow arbitrary file deletion. The advisory notes that the issue was scored without the least-privilege principle violation and that, in combination with other issues, it could help further compromise the device. Keysight states remediation is available in version 6.8.0, and recommends upgrading from older releases [truncated]
CVE-2025-21095 is a Keysight Ixia Vision Product Family issue where path traversal may allow arbitrary file download. CISA’s advisory lists the affected product as Keysight Ixia Vision Product Family 6.3.1 and notes remediation in version 6.8.0. The advisory also states that, in combination with other issues, this flaw may help further compromise the device.