cbcvebase.
CVE-2023-1399
published 2023-03-27

CVE-2023-1399: N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the…

PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.78%
51.5th percentile
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution.

Affected

2 ranges
VendorProductVersion rangeFixed in
keysightn6854a_firmware<= 2.4.2
keysight_technologiesn6854a_geolocation_server<= 2.4.2

Detection & IOCsextracted from sources · hover to see the quote

  • Attack vector is local (AV:L) with low complexity and low privileges required — focus detection on local process execution, privilege escalation, and unexpected file/folder deletion on affected Geolocation Server hosts.
  • ·This vulnerability is NOT remotely exploitable — it requires local access, so network-based detection rules alone are insufficient.
  • ·No known public exploits exist for this vulnerability at time of advisory publication.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.