CVE-2025-15350— Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CHX files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27039.

N/A

可信数据的反序列化

Anritsu VectorStar 代码问题漏洞

Anritsu VectorStar是日本Anritsu公司的一系列矢量网络分析仪。 Anritsu VectorStar存在代码问题漏洞，该漏洞源于解析CHX文件时缺少对用户提供数据的验证，可能导致反序列化不受信任的数据并执行远程代码。

N/A

N/A