CVE-2025-24521 (GCVE-0-2025-24521)

Vulnerability from cvelistv5 – Published: 2025-03-05 15:17 – Updated: 2025-03-06 21:57
VLAI?
Title
Keysight Ixia Vision Product Family Improper Restriction of XML External Entity Reference
Summary
External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
Severity ?
4.9 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
6.9 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CWE
  • CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
Vendor Product Version
Keysight Ixia Vision Product Family Affected: 6.3.1
Create a notification for this product.
Credits
NATO Cyber Security Centre (NCSC) reported these vulnerabilities to Keysight.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24521",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-06T21:56:42.423574Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-06T21:57:07.875Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Ixia Vision Product Family",
          "vendor": "Keysight",
          "versions": [
            {
              "status": "affected",
              "version": "6.3.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "NATO Cyber Security Centre (NCSC) reported these vulnerabilities to Keysight."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "External XML entity injection allows arbitrary download of files. The \nscore without least privilege principle violation is as calculated \nbelow. In combination with other issues it may facilitate further \ncompromise of the device. Remediation in Version 6.8.0, release date: \n01-Mar-25."
            }
          ],
          "value": "External XML entity injection allows arbitrary download of files. The \nscore without least privilege principle violation is as calculated \nbelow. In combination with other issues it may facilitate further \ncompromise of the device. Remediation in Version 6.8.0, release date: \n01-Mar-25."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-05T15:17:23.659Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02"
        },
        {
          "url": "https://www.keysight.com/us/en/contact.html"
        },
        {
          "url": "https://support.ixiacom.com/"
        },
        {
          "url": "https://support.ixiacom.com/support-overview/product-support/downloads-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Keysight recommends that all users \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.ixiacom.com/support-overview/product-support/downloads-updates\"\u003eupgrade to the latest version of software as soon as possible.\u003c/a\u003e \n\nRemediation in Version 6.8.0, release date: \n01-Mar-25.\n\n\n\n Older versions of this software may have this vulnerability; Keysight \nrecommends that users discontinue the use of older software versions.\n\u003cp\u003eFor more information about the Ixia Vision Product Family, please visit \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.ixiacom.com/\"\u003eIxia product support\u003c/a\u003e\u003c/p\u003eFurther questions can be answered by \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.keysight.com/us/en/contact.html\"\u003econtacting Keysight.\u003c/a\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Keysight recommends that all users  upgrade to the latest version of software as soon as possible. https://support.ixiacom.com/support-overview/product-support/downloads-updates  \n\nRemediation in Version 6.8.0, release date: \n01-Mar-25.\n\n\n\n Older versions of this software may have this vulnerability; Keysight \nrecommends that users discontinue the use of older software versions.\nFor more information about the Ixia Vision Product Family, please visit  Ixia product support https://support.ixiacom.com/ \n\nFurther questions can be answered by  contacting Keysight. https://www.keysight.com/us/en/contact.html"
        }
      ],
      "source": {
        "advisory": "ICSA-25-063-02",
        "discovery": "EXTERNAL"
      },
      "title": "Keysight Ixia Vision Product Family Improper Restriction of XML External Entity Reference",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-24521",
    "datePublished": "2025-03-05T15:17:23.659Z",
    "dateReserved": "2025-02-05T15:36:40.939Z",
    "dateUpdated": "2025-03-06T21:57:07.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-24521\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2025-03-05T16:15:39.093\",\"lastModified\":\"2025-03-05T16:15:39.093\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"External XML entity injection allows arbitrary download of files. The \\nscore without least privilege principle violation is as calculated \\nbelow. In combination with other issues it may facilitate further \\ncompromise of the device. Remediation in Version 6.8.0, release date: \\n01-Mar-25.\"},{\"lang\":\"es\",\"value\":\"La inyecci\u00f3n de entidades XML externas permite la descarga arbitraria de archivos. La puntuaci\u00f3n sin violaci\u00f3n del principio de privilegio m\u00ednimo se calcula a continuaci\u00f3n. En combinaci\u00f3n con otros problemas, puede facilitar una mayor vulnerabilidad del dispositivo. Soluci\u00f3n en la versi\u00f3n 6.8.0, fecha de lanzamiento: 01-Mar-25.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"references\":[{\"url\":\"https://support.ixiacom.com/\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://support.ixiacom.com/support-overview/product-support/downloads-updates\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.keysight.com/us/en/contact.html\",\"source\":\"ics-cert@hq.dhs.gov\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-24521\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T21:56:42.423574Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T21:56:52.982Z\"}}], \"cna\": {\"title\": \"Keysight Ixia Vision Product Family Improper Restriction of XML External Entity Reference\", \"source\": {\"advisory\": \"ICSA-25-063-02\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"NATO Cyber Security Centre (NCSC) reported these vulnerabilities to Keysight.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Keysight\", \"product\": \"Ixia Vision Product Family\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.1\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Keysight recommends that all users  upgrade to the latest version of software as soon as possible. https://support.ixiacom.com/support-overview/product-support/downloads-updates  \\n\\nRemediation in Version 6.8.0, release date: \\n01-Mar-25.\\n\\n\\n\\n Older versions of this software may have this vulnerability; Keysight \\nrecommends that users discontinue the use of older software versions.\\nFor more information about the Ixia Vision Product Family, please visit  Ixia product support https://support.ixiacom.com/ \\n\\nFurther questions can be answered by  contacting Keysight. https://www.keysight.com/us/en/contact.html\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Keysight recommends that all users \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://support.ixiacom.com/support-overview/product-support/downloads-updates\\\"\u003eupgrade to the latest version of software as soon as possible.\u003c/a\u003e \\n\\nRemediation in Version 6.8.0, release date: \\n01-Mar-25.\\n\\n\\n\\n Older versions of this software may have this vulnerability; Keysight \\nrecommends that users discontinue the use of older software versions.\\n\u003cp\u003eFor more information about the Ixia Vision Product Family, please visit \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://support.ixiacom.com/\\\"\u003eIxia product support\u003c/a\u003e\u003c/p\u003eFurther questions can be answered by \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.keysight.com/us/en/contact.html\\\"\u003econtacting Keysight.\u003c/a\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02\"}, {\"url\": \"https://www.keysight.com/us/en/contact.html\"}, {\"url\": \"https://support.ixiacom.com/\"}, {\"url\": \"https://support.ixiacom.com/support-overview/product-support/downloads-updates\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"External XML entity injection allows arbitrary download of files. The \\nscore without least privilege principle violation is as calculated \\nbelow. In combination with other issues it may facilitate further \\ncompromise of the device. Remediation in Version 6.8.0, release date: \\n01-Mar-25.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"External XML entity injection allows arbitrary download of files. The \\nscore without least privilege principle violation is as calculated \\nbelow. In combination with other issues it may facilitate further \\ncompromise of the device. Remediation in Version 6.8.0, release date: \\n01-Mar-25.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-611\", \"description\": \"CWE-611 Improper Restriction of XML External Entity Reference\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2025-03-05T15:17:23.659Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-24521\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-06T21:57:07.875Z\", \"dateReserved\": \"2025-02-05T15:36:40.939Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2025-03-05T15:17:23.659Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.