CVE-2025-24494
Published: 05 March 2025
Description
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Security Summary
CVE-2025-24494 is a path traversal vulnerability (CWE-22) that may allow remote code execution in Ixia software components. It requires exploitation using a privileged device admin account and cannot be performed by a regular user. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-05.
An attacker with device admin credentials can exploit the path traversal remotely with low complexity and no user interaction. In combination with the 'Upload' functionality, this enables execution of an arbitrary script or possibly an uploaded binary, leading to high impacts on confidentiality, integrity, and availability.
Remediation is provided in Version 6.7.0, released on 20-Oct-24. Additional details are available in advisories from Ixia support sites and CISA ICS Advisory ICSA-25-063-02.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in upload functionality directly enables remote exploitation of public-facing app (T1190) for RCE, facilitating tool ingress via upload (T1105) and arbitrary script/binary execution (T1059).