cbcvebase.
CVE-2023-4299
published 2023-08-31

CVE-2023-4299: Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

PriorityP351high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
0.55%
41.8th percentile
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

Affected

25 ranges
VendorProductVersion rangeFixed in
digiconnect_es_firmware< 2.26.2.42.26.2.4
digiconnectport_lts_8_16_32_firmware< 1.4.91.4.9
digiconnectport_ts_8_16_firmware< 2.26.2.42.26.2.4
digirealport<= 1.9-40
digirealport<= 4.8.488.0
digi_internationaldigi_cm_console_server
digi_internationaldigi_connect_es< 2.26.2.42.26.2.4
digi_internationaldigi_connect_sp
digi_internationaldigi_connectport_lts_8_16_32< 1.4.91.4.9
digi_internationaldigi_connectport_ts_8_16< 2.26.2.42.26.2.4
digi_internationaldigi_one_ia
digi_internationaldigi_one_iap_family
digi_internationaldigi_one_sp
digi_internationaldigi_one_sp_ia
digi_internationaldigi_passport_console_server
digi_internationaldigi_portserver_ts
digi_internationaldigi_portserver_ts_m_mei
digi_internationaldigi_portserver_ts_mei
digi_internationaldigi_portserver_ts_mei_hardened
digi_internationaldigi_portserver_ts_p_mei
digi_internationaldigi_realport<= 4.8.488.0
digi_internationaldigi_wr11_xt
digi_internationaldigi_wr21
digi_internationaldigi_wr31
digi_internationaldigi_wr44_r
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.