CVE-2025-24521 Information

Description

External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0 release date: 01-Mar-25.

Reference

https://support.ixiacom.com/ https://support.ixiacom.com/support-overview/product-support/downloads-updates https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02 https://www.keysight.com/us/en/contact.html