CVE-2023-4299
Published 2023-08-31
CVE-2023-4299: Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
Priority P3 · 51 · high · 8.1 (CVSS 3.1)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.55% (41.8th percentile)
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| digi | connect_es_firmware | < 2.26.2.4 | 2.26.2.4 |
| digi | connectport_lts_8_16_32_firmware | < 1.4.9 | 1.4.9 |
| digi | connectport_ts_8_16_firmware | < 2.26.2.4 | 2.26.2.4 |
| digi | realport | <= 1.9-40 | — |
| digi | realport | <= 4.8.488.0 | — |
| digi_international | digi_cm_console_server | — | — |
| digi_international | digi_connect_es | < 2.26.2.4 | 2.26.2.4 |
| digi_international | digi_connect_sp | — | — |
| digi_international | digi_connectport_lts_8_16_32 | < 1.4.9 | 1.4.9 |
| digi_international | digi_connectport_ts_8_16 | < 2.26.2.4 | 2.26.2.4 |
| digi_international | digi_one_ia | — | — |
| digi_international | digi_one_iap_family | — | — |
| digi_international | digi_one_sp | — | — |
| digi_international | digi_one_sp_ia | — | — |
| digi_international | digi_passport_console_server | — | — |
| digi_international | digi_portserver_ts | — | — |
| digi_international | digi_portserver_ts_m_mei | — | — |
| digi_international | digi_portserver_ts_mei | — | — |
| digi_international | digi_portserver_ts_mei_hardened | — | — |
| digi_international | digi_portserver_ts_p_mei | — | — |
| digi_international | digi_realport | <= 4.8.488.0 | — |
| digi_international | digi_wr11_xt | — | — |
| digi_international | digi_wr21 | — | — |
| digi_international | digi_wr31 | — | — |
| digi_international | digi_wr44_r | — | — |
GHSA
GHSA-6mw3-9jr4-xc73: Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment
ghsa_unreviewed·2023-08-31
CVE-2023-4299 [HIGH] CWE-836 GHSA-6mw3-9jr4-xc73: Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment
CISA ICS
Digi RealPort Protocol
cisa_ics·2023-08-31·CVSS 9.0
[CRITICAL] Digi RealPort Protocol
ICS Advisory
## Digi RealPort Protocol
Release Date: August 31, 2023
Alert Code: ICSA-23-243-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.0
- ATTENTION: Exploitable remotely
- Vendor: Digi International, Inc.
- Equipment: Digi RealPort Protocol
- Vulnerability: Use of Password Hash Instead of Password for Authentication
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow the attacker to access connected equipment.
## 3. TECHNICAL DETAILS
### 3.1 AFFECTED PRODUCTS
Digi International reports that the following products using Digi RealPort Protocol are affected:
- Digi RealPort for Windows: version 4.8.488.0 and earlier
- Digi RealPort for Linux: version 1.9-40 and earlier
- Digi ConnectPort TS 8/16: versions prior to 2.26.2
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-04
- https://www.digi.com/getattachment/resources/security/alerts/realport-cves/Dragos-Disclosure-Statement.pdf