CVE-2023-34394 Information

Description

In Keysight Geolocation Server v2.4.2 and prior an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation which could result in local privilege escalation or a denial-of-service condition.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02