Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

Fixes

Solution

Digi International recommends users acquire and install patches that they have made available for the following products: * ​RealPort software for Windows: Fixed in 4.10.490 * ​Digi ConnectPort TS 8/16: Fixed in firmware version 2.26.2.4 * ​Digi ConnectPort LTS 8/16/32: Fixed in version 1.4.9 * ​Digi Connect ES: Fixed in firmware version 2.26.2.4 ​For more information, see the customer notification document https://www.digi.com/getattachment/resources/security/alerts/realport-cves/Dragos-Disclosure-Statement.pdf  published by Digi International.


Workaround

Dragos recommends restricting access to Digi devices on TCP/771 (default) or TCP/1027 (if encryption is enabled, this is the default port). Only allow the workstations which initiate RealPort connections to communicate to the field equipment on those ports. Note that most of Digi's devices allow you to change the setting for which TCP port the RealPort service runs on, so end users should consult their device configuration and restrict access to the configured port if it is not the default. ​If using the system in 'reverse' mode, where the Digi device calls back to the Windows or Linux workstation, then Dragos recommends restricting access to the workstation on TCP/771 or TCP/1027 to known Digi RealPort devices on your network. This port may be configured by end users, so consult the workstation and device configurations to ensure coverage.

History

Thu, 16 Jan 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-01-16T21:30:37.810Z

Reserved: 2023-08-10T20:14:27.489Z

Link: CVE-2023-4299

cve-icon Vulnrichment

Updated: 2024-08-02T07:24:04.616Z

cve-icon NVD

Status : Modified

Published: 2023-08-31T21:15:09.183

Modified: 2024-11-21T08:34:48.760

Link: CVE-2023-4299

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.