Vulnerabilities > Keysight > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-27 CVE-2023-1967 Deserialization of Untrusted Data vulnerability in Keysight N8844A 2.1.7351
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid.
network
low complexity
keysight CWE-502
critical
9.8
2023-03-27 CVE-2023-1399 Deserialization of Untrusted Data vulnerability in Keysight N6854A Firmware 2.3.0/2.4.0/2.4.2
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution.
network
low complexity
keysight CWE-502
critical
9.8
2022-06-02 CVE-2022-1660 Deserialization of Untrusted Data vulnerability in Keysight N6841A RF Firmware and N6854A Firmware
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
keysight CWE-502
critical
10.0