First published: Fri Oct 08 2021(Updated: )
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Digi Realport | <=1.9-40 | |
Digi Realport | <=4.8.488.0 | |
Digi Connectport Ts 8\/16 Firmware | ||
Digi Connectport Ts 8\/16 | ||
Digi Connectport Lts 8\/16\/32 Firmware | ||
Digi Connectport Lts 8\/16\/32 | ||
Digi Passport Integrated Console Server Firmware | ||
Digi Passport Integrated Console Server | ||
Digi Cm Firmware | ||
Digi Cm | ||
Digi Portserver Ts Firmware | ||
Digi Portserver Ts | ||
Digi Portserver Ts Mei Firmware | ||
Digi Portserver Ts Mei | ||
Digi Portserver Ts Mei Hardened Firmware | ||
Digi Portserver Ts Mei Hardened | ||
Digi Portserver Ts M Mei Firmware | ||
Digi Portserver Ts M Mei | ||
Digi 6350-sr Firmware | ||
Digi 6350-sr | ||
Digi Portserver Ts P Mei Firmware | ||
Digi Portserver Ts P Mei | ||
Digi Transport Wr11 Xt Firmware | ||
Digi Transport Wr11 Xt | ||
Digi One Iap Family Firmware | ||
Digi One Iap Family | ||
Digi One Ia Firmware | ||
Digi One Ia | ||
Digi Wr31 Firmware | ||
Digi Wr31 | ||
Digi Wr44 R Firmware | ||
Digi Wr44 R | ||
Digi Connect Es Firmware | ||
Digi Connect Es | ||
Digi Wr21 Firmware | ||
Digi Wr21 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-35979 is a vulnerability in Digi RealPort through 4.8.488.0 that allows man-in-the-middle attacks and lacks authentication in the 'encrypted' mode.
CVE-2021-35979 has a severity rating of 8.1 (High).
Digi RealPort versions up to 4.8.488.0 on Linux and Windows are affected by CVE-2021-35979.
Currently, there is no fix or patch available for CVE-2021-35979. It is recommended to contact the vendor for further assistance.
No, Digi Connectport Ts 8/16 is not vulnerable to CVE-2021-35979.