CVE-2022-1660
published 2022-06-02


Priority: P2 (69)
Severity: critical, CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 15.97% (96.5th percentile)
The affected products are vulnerable to deserialization of untrusted data without prior authorization or authentication, which may allow an attacker to remotely execute arbitrary code.

Affected

3 ranges

Vendor    Product                                                   Version range   Fixed in
keysight  n6841a_rf_firmware                                        < 2.4.0         2.4.0
keysight  n6854a_firmware                                           < 2.4.0         2.4.0
keysight  n6854a_geolocation_server_and_n6841a_rf_sensor_software   all < 2.3.0     2.3.0

Detection & IOCs (extracted from sources)

Port: 8080
  • Monitor and block inbound TCP connections on the port defined by the KEYSIGHT_SMS_PORT environment variable (default 8080) to detect or prevent exploitation of the unauthenticated deserialization endpoint on Keysight N6854A/N6841A RF software.
  • Target is Keysight N6854A Geolocation server and N6841A RF Sensor software version 2.3.0 and earlier; exploitation requires no authentication or user interaction (CVSS AV:N/AC:L/PR:N/UI:N), making any inbound deserialization traffic to the service port highly suspicious.
  • The default service port (8080) can be overridden by the KEYSIGHT_SMS_PORT environment variable; defenders must check the actual environment variable value on deployed systems rather than assuming port 8080.
  • No known public exploits specifically target this vulnerability at the time of advisory publication, limiting available signature-based detection options.
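A triage helper for the checks in the bullets above, added here as an example and not code from the advisory or from Keysight: it applies the fixed-in versions from the Affected table, resolves the service port from KEYSIGHT_SMS_PORT with the 8080 default, and flags inbound connections to that port in constructed log lines (the log format, host environment and IP addresses are assumptions).

```python
# Added triage helpers for CVE-2022-1660; fixed-in versions are from the table
# above, the host environment and log lines below are constructed for the demo.
import re
from typing import Dict, List, Optional

# Product -> first fixed version, as listed in the "Affected" table.
FIXED_IN = {
    "n6841a_rf_firmware": "2.4.0",
    "n6854a_firmware": "2.4.0",
    "n6854a_geolocation_server_and_n6841a_rf_sensor_software": "2.3.0",
}
DEFAULT_SMS_PORT = 8080  # default unless KEYSIGHT_SMS_PORT overrides it

def parse_version(text: str) -> tuple:
    """'2.3.10' -> (2, 3, 10); every run of digits becomes one component."""
    return tuple(int(p) for p in re.findall(r"\d+", text))

def is_affected(product: str, version: str) -> bool:
    """True when the installed version is below the product's fixed-in version."""
    fixed = FIXED_IN.get(product)
    return fixed is not None and parse_version(version) < parse_version(fixed)

def effective_sms_port(env: Dict[str, str]) -> int:
    """Resolve the service port from the host's environment, else the 8080 default."""
    raw = env.get("KEYSIGHT_SMS_PORT", "").strip()
    return int(raw) if raw.isdigit() else DEFAULT_SMS_PORT

# Constructed key=value connection records (hypothetical format, not a Keysight log).
SAMPLE_LOG = [
    "ts=2022-06-02T10:00:01Z dir=in proto=tcp src=10.1.1.5 dst=10.0.0.20 dport=9090",
    "ts=2022-06-02T10:00:02Z dir=in proto=tcp src=10.0.0.7 dst=10.0.0.20 dport=9090",
    "ts=2022-06-02T10:00:03Z dir=out proto=tcp src=10.0.0.20 dst=10.1.1.5 dport=443",
    "ts=2022-06-02T10:00:04Z dir=in proto=tcp src=10.1.1.5 dst=10.0.0.20 dport=8080",
]

def flag_inbound(lines: List[str], port: int, allow: Optional[set] = None) -> List[str]:
    """Source IPs of inbound TCP connections to `port` that are not on the allowlist."""
    allow = allow or set()
    hits = []
    for line in lines:
        f = dict(kv.split("=", 1) for kv in line.split())
        if f.get("dir") == "in" and f.get("proto") == "tcp" and f.get("dport") == str(port):
            if f.get("src") not in allow:
                hits.append(f["src"])
    return hits
```

With the constructed host environment set to KEYSIGHT_SMS_PORT=9090, the two inbound records to 9090 are flagged and the one to 8080 is not, which is the point of the third bullet: the port to watch is the configured one, not the documented default.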

CVSS provenance

NVD, CVSS v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 10.0 CRITICAL, AV:N/AC:L/Au:N/C:C/I:C/A:C