which may allow an attacker to intercept or decrypt payloads sent to the
device via API calls or user authentication if the end user does not
replace the TLS certificate that shipped with the device. Remediation is
available in Version 6.9.1, released on September 23, 2025.
Metrics
Affected Vendors & Products
Solution
Keysight recommends that all users upgrade to the latest version of software as soon as possible. https://support.ixiacom.com/support-overview/product-support/downloads-updates Older versions of this software may have these vulnerabilities; Keysight recommends that users discontinue the use of older software versions. For more information about the Ixia Vision Product Family, visit Ixia product support https://support.ixiacom.com/ Further questions can be answered by contacting Keysight. https://www.keysight.com/us/en/contact.html
Workaround
No workaround given by the vendor.
Tue, 30 Sep 2025 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available in Version 6.9.1, released on September 23, 2025. | |
Title | Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key | |
Weaknesses | CWE-321 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2025-09-30T23:04:14.688Z
Reserved: 2025-02-05T15:36:40.948Z
Link: CVE-2025-24525

No data.

Status : Received
Published: 2025-09-30T23:15:27.970
Modified: 2025-09-30T23:15:27.970
Link: CVE-2025-24525

No data.

No data.