CVE-2021-35977: Buffer Overflow
First published: Fri Oct 08 2021(Updated: )
An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Digi Realport | <=1.9-40 | |
| Digi Realport | <=4.8.488.0 | |
| Digi Connectport Ts 8\/16 Firmware | ||
| Digi Connectport Ts 8\/16 | ||
| Digi Connectport Lts 8\/16\/32 Firmware | ||
| Digi Connectport Lts 8\/16\/32 | ||
| Digi Passport Integrated Console Server Firmware | ||
| Digi Passport Integrated Console Server | ||
| Digi Cm Firmware | ||
| Digi Cm | ||
| Digi Portserver Ts Firmware | ||
| Digi Portserver Ts | ||
| Digi Portserver Ts Mei Firmware | ||
| Digi Portserver Ts Mei | ||
| Digi Portserver Ts Mei Hardened Firmware | ||
| Digi Portserver Ts Mei Hardened | ||
| Digi Portserver Ts M Mei Firmware | ||
| Digi Portserver Ts M Mei | ||
| Digi 6350-sr Firmware | ||
| Digi 6350-sr | ||
| Digi Portserver Ts P Mei Firmware | ||
| Digi Portserver Ts P Mei | ||
| Digi Transport Wr11 Xt Firmware | ||
| Digi Transport Wr11 Xt | ||
| Digi One Iap Family Firmware | ||
| Digi One Iap Family | ||
| Digi One Ia Firmware | ||
| Digi One Ia | ||
| Digi Wr31 Firmware | ||
| Digi Wr31 | ||
| Digi Wr44 R Firmware | ||
| Digi Wr44 R | ||
| Digi Connect Es Firmware | ||
| Digi Connect Es | ||
| Digi Wr21 Firmware | ||
| Digi Wr21 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-35977?
The severity of CVE-2021-35977 is critical with a score of 9.8.
What is the affected software for CVE-2021-35977?
The affected software for CVE-2021-35977 includes Digi RealPort for Windows up to version 4.8.488.0.
How does the vulnerability in CVE-2021-35977 manifest?
The vulnerability in CVE-2021-35977 manifests as a buffer overflow in the handling of ADDP discovery response messages in Digi RealPort for Windows.
What is the potential impact of CVE-2021-35977?
The potential impact of CVE-2021-35977 is arbitrary code execution.
Is Digi RealPort for Linux affected by CVE-2021-35977?
No, Digi RealPort for Linux is not affected by CVE-2021-35977.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/tags
- vendor/digi
- canonical/digi realport
- version/digi realport/1.9-40
- version/digi realport/4.8.488.0
- canonical/digi connectport ts 8\/16 firmware
- canonical/digi connectport ts 8\/16
- canonical/digi connectport lts 8\/16\/32 firmware
- canonical/digi connectport lts 8\/16\/32
- canonical/digi passport integrated console server firmware
- canonical/digi passport integrated console server
- canonical/digi cm firmware
- canonical/digi cm
- canonical/digi portserver ts firmware
- canonical/digi portserver ts
- canonical/digi portserver ts mei firmware
- canonical/digi portserver ts mei
- canonical/digi portserver ts mei hardened firmware
- canonical/digi portserver ts mei hardened
- canonical/digi portserver ts m mei firmware
- canonical/digi portserver ts m mei
- canonical/digi 6350-sr firmware
- canonical/digi 6350-sr
- canonical/digi portserver ts p mei firmware
- canonical/digi portserver ts p mei
- canonical/digi transport wr11 xt firmware
- canonical/digi transport wr11 xt
- canonical/digi one iap family firmware
- canonical/digi one iap family
- canonical/digi one ia firmware
- canonical/digi one ia
- canonical/digi wr31 firmware
- canonical/digi wr31
- canonical/digi wr44 r firmware
- canonical/digi wr44 r
- canonical/digi connect es firmware
- canonical/digi connect es
- canonical/digi wr21 firmware
- canonical/digi wr21