CVE-2025-15351 — ThreaTel

THREATEL Threat Intel

v0.1

CVE-2025-15351

HIGH 7.8

Published

2026-01-23

Last Modified

2026-02-23

Affected Apps

15

Affected Devices

50

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CHX files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27040.

Affected Applications in Environment 15

tar v2:1.34-7.el9

tar v2:1.30-11.el8_10

tar v1.28-2.1ubuntu0.2

tar v2:1.30-11.el8_10

tar v2:1.34-9.el9_7

tar v2:1.34-9.el9_7

tar v1.29b-2ubuntu0.4

tar v2:1.26-35.el7

tar v2:1.34-9.el9_7

tar v1.28-2.1ubuntu0.2+esm3

tar v2:1.35-9.el10_1

tar v2:1.30-9.el8

tar v2:1.30-9.el8

tar v2:1.34-7.el9

tar v1.27.1-1ubuntu0.1

Affected Devices 50

atc.db.usu.edu Linux chela03 Linux chela04 Linux chela05 Linux cleanaddressdev.banner.usu.edu Linux devjobsub.banner.usu.edu Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux guru.cluster Linux hotcheeto Linux my2 Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux thinkstation Linux web04a Linux web05 Linux web21 Linux web22 Linux zldtst.db.usu.edu Linux

References 1

https://www.zerodayinitiative.com/advisories/ZDI-25-1202/