CVE-2021-35979
First published: Fri Oct 08 2021(Updated: )
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Digi RealPort | <=1.9-40 | |
| Digi RealPort | <=4.8.488.0 | |
| Digi Connectport Ts 8/16 Firmware | ||
| Digi Connectport Ts 8/16 | ||
| Digi Connectport LTS 8/16/32 Firmware | ||
| Digi ConnectPort LTS 8/16/32 | ||
| Digi Passport | ||
| Digi Passport Integrated Console Server Firmware | ||
| Digi Cm | ||
| Digi Cm Firmware | ||
| Digi PortServer TS Firmware | ||
| Digi PortServer TS | ||
| Digi PortServer TS MEI Firmware | ||
| Digi PortServer TS MEI | ||
| Digi Portserver TS MEI Hardened Firmware | ||
| Digi Portserver TS MEI Hardened Firmware | ||
| Digi PortServer TS MEI Firmware | ||
| Digi PortServer TS MEI | ||
| Digi 6350-SR | ||
| Digi 6350-SR Firmware | ||
| Digi PortServer TS P MEI Firmware | ||
| Digi PortServer TS MEI | ||
| Digi Transport Wr11 Firmware | ||
| Digi Transport | ||
| Digi One Iap Firmware | ||
| Digi One IAP | ||
| Digi One IA | ||
| Digi One Iap Firmware | ||
| Digi WR31 Firmware | ||
| Digi WR31 Firmware | ||
| Digi Transport WR44 Firmware | ||
| Digi WR44 R Firmware | ||
| Digi Connect ES | ||
| Digi Connect ES | ||
| Digi WR21 | ||
| Digi TransPort WR21 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-35979?
CVE-2021-35979 is a vulnerability in Digi RealPort through 4.8.488.0 that allows man-in-the-middle attacks and lacks authentication in the 'encrypted' mode.
What is the severity of CVE-2021-35979?
CVE-2021-35979 has a severity rating of 8.1 (High).
Which software versions are affected by CVE-2021-35979?
Digi RealPort versions up to 4.8.488.0 on Linux and Windows are affected by CVE-2021-35979.
How can I fix CVE-2021-35979?
Currently, there is no fix or patch available for CVE-2021-35979. It is recommended to contact the vendor for further assistance.
Is Digi Connectport Ts 8/16 affected by CVE-2021-35979?
No, Digi Connectport Ts 8/16 is not vulnerable to CVE-2021-35979.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/digi
- canonical/digi realport
- version/digi realport/1.9-40
- version/digi realport/4.8.488.0
- canonical/digi connectport ts 8/16 firmware
- canonical/digi connectport ts 8/16
- canonical/digi connectport lts 8/16/32 firmware
- canonical/digi connectport lts 8/16/32
- canonical/digi passport
- canonical/digi passport integrated console server firmware
- canonical/digi cm
- canonical/digi cm firmware
- canonical/digi portserver ts firmware
- canonical/digi portserver ts
- canonical/digi portserver ts mei firmware
- canonical/digi portserver ts mei
- canonical/digi portserver ts mei hardened firmware
- canonical/digi 6350-sr
- canonical/digi 6350-sr firmware
- canonical/digi portserver ts p mei firmware
- canonical/digi transport wr11 firmware
- canonical/digi transport
- canonical/digi one iap firmware
- canonical/digi one iap
- canonical/digi one ia
- canonical/digi wr31 firmware
- canonical/digi transport wr44 firmware
- canonical/digi wr44 r firmware
- canonical/digi connect es
- canonical/digi wr21
- canonical/digi transport wr21