First published: Fri Oct 08 2021(Updated: )
An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Digi Realport | <=1.9-40 | |
Digi Realport | <=4.8.488.0 | |
Digi Connectport Ts 8\/16 Firmware | ||
Digi Connectport Ts 8\/16 | ||
Digi Connectport Lts 8\/16\/32 Firmware | ||
Digi Connectport Lts 8\/16\/32 | ||
Digi Passport Integrated Console Server Firmware | ||
Digi Passport Integrated Console Server | ||
Digi Cm Firmware | ||
Digi Cm | ||
Digi Portserver Ts Firmware | ||
Digi Portserver Ts | ||
Digi Portserver Ts Mei Firmware | ||
Digi Portserver Ts Mei | ||
Digi Portserver Ts Mei Hardened Firmware | ||
Digi Portserver Ts Mei Hardened | ||
Digi Portserver Ts M Mei Firmware | ||
Digi Portserver Ts M Mei | ||
Digi 6350-sr Firmware | ||
Digi 6350-sr | ||
Digi Portserver Ts P Mei Firmware | ||
Digi Portserver Ts P Mei | ||
Digi Transport Wr11 Xt Firmware | ||
Digi Transport Wr11 Xt | ||
Digi One Iap Family Firmware | ||
Digi One Iap Family | ||
Digi One Ia Firmware | ||
Digi One Ia | ||
Digi Wr31 Firmware | ||
Digi Wr31 | ||
Digi Wr44 R Firmware | ||
Digi Wr44 R | ||
Digi Connect Es Firmware | ||
Digi Connect Es | ||
Digi Wr21 Firmware | ||
Digi Wr21 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-35977 is critical with a score of 9.8.
The affected software for CVE-2021-35977 includes Digi RealPort for Windows up to version 4.8.488.0.
The vulnerability in CVE-2021-35977 manifests as a buffer overflow in the handling of ADDP discovery response messages in Digi RealPort for Windows.
The potential impact of CVE-2021-35977 is arbitrary code execution.
No, Digi RealPort for Linux is not affected by CVE-2021-35977.