CVE-2023-1399
Published 2023-03-27
Priority P261 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.78% (51.5th percentile)
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| keysight | n6854a_firmware | <= 2.4.2 | — |
| keysight_technologies | n6854a_geolocation_server | <= 2.4.2 | — |
Detection & IOCs (extracted from sources)
- Attack vector is local (AV:L) with low complexity and low privileges required — focus detection on local process execution, privilege escalation, and unexpected file/folder deletion on affected Geolocation Server hosts.
- This vulnerability is NOT remotely exploitable — it requires local access, so network-based detection rules alone are insufficient.
- No known public exploits exist for this vulnerability at time of advisory publication.
CISA ICS
Keysight N6845A Geolocation Server
cisa_ics·2023-03-21·CVSS 7.8
[HIGH] Keysight N6845A Geolocation Server
ICS Advisory
## Keysight N6845A Geolocation Server
Release Date: March 21, 2023
Alert Code: ICSA-23-080-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.8
- ATTENTION: Low attack complexity
- Vendor: Keysight Technologies
- Equipment: N6854A Geolocation Server
- Vulnerability: Deserialization of Untrusted Data
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to escalate privileges in the affected device’s default configuration, resulting in remote code execution or deleting system files and folders.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Keysight monitoring products are affected:
- N6854A Geolocation Server versions 2.4.2 and prior
## 3.2 VULNERABILITY OVERVIEW
## 3.2.1 DESERIALIZATION OF UNTRUSTED D
GHSA
GHSA-c7p4-qvpp-vjjq: N6854A Geolocation Server versions 2
ghsa_unreviewed·2023-07-06
CVE-2023-1399 [CRITICAL] CWE-502 GHSA-c7p4-qvpp-vjjq: N6854A Geolocation Server versions 2
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-03-27