Share:

CVE-2021-35979

Critical 8.1

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.

Published October 8, 2021.

Affected software

Digi 6350-sr Firmware

Digi One Ia Firmware

Digi Portserver Ts M Mei Firmware

Digi Connectport Ts 8\/16 Firmware

Digi Transport Wr11 Xt Firmware

Digi Connectcore 8x Firmware

Digi Portserver Ts Mei Firmware

Digi One Iap Family Firmware

Digi Portserver Ts Firmware

Digi Connect Es Firmware

Digi Portserver Ts P Mei Firmware

Digi Wr44 R Firmware

Digi Wr21 Firmware

Digi Connectport Lts 8\/16\/32 Firmware

Digi Portserver Ts Mei Hardened Firmware

Digi Cm Firmware

Digi Passport Integrated Console Server Firmware

Digi Wr31 Firmware

Get alerts for Digi Realport

Reference links

https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt