← Back to home
ICSA-22-146-01  ·  Published 2022-05-26  ·  View on CISA ICS-CERT ↗

Keysight N6854A Geolocation server and N6841A RF Sensor software

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to obtain arbitrary operating system files and execute arbitrary code.

CVEs (2)

Remediations

  • Keysight recommends users update N6854A and N6841A RF to v2.4.0 or later.
  • Block incoming connection on TCP port number defined by environment variable KEYSIGHT_SMS_PORT (default: 8080)

Affected Vendors

Keysight Technologies, Inc.

Affected Products (1)

Keysight Technologies, Inc. · Keysight N6854A and N6841A RF <= 2.3.0

Affected Sectors

Critical Manufacturing, Transportation Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more