CVE-2023-4299

Summary

Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

Affected Software

VendorProductVersion RangeStatus
Digi InternationalDigi RealPort0 <= 4.8.488.0affected
Digi InternationalDigi RealPort0 <= 1.9-40affected
Digi InternationalDigi ConnectPort TS 8/160 < 2.26.2.4affected
Digi InternationalDigi Passport Console Serverall versionsaffected
Digi InternationalDigi ConnectPort LTS 8/16/320 < 1.4.9affected
Digi InternationalDigi CM Console Serverall versionsaffected
Digi InternationalDigi PortServer TSall versionsaffected
Digi InternationalDigi PortServer TS MEIall versionsaffected
Digi InternationalDigi PortServer TS MEI Hardenedall versionsaffected
Digi InternationalDigi PortServer TS M MEIall versionsaffected
Digi InternationalDigi PortServer TS P MEIall versionsaffected
Digi InternationalDigi One IAP Familyall versionsaffected
Digi InternationalDigi One IAall versionsaffected
Digi InternationalDigi One SP IAall versionsaffected
Digi International​Digi One SPall versionsaffected
Digi InternationalDigi WR31all versionsaffected
Digi InternationalDigi WR11 XTall versionsaffected
Digi InternationalDigi WR44 Rall versionsaffected
Digi InternationalDigi WR21all versionsaffected
Digi InternationalDigi Connect ES0 < 2.26.2.4affected
Digi InternationalDigi Connect SPall versionsaffected
Digi InternationalDigi 6350-SRall versionsunaffected
Digi InternationalDigi ConnectCore 8X productsall versionsunaffected

Weaknesses

  • CWE-836: CWE-836

Workarounds

Dragos recommends restricting access to Digi devices on TCP/771 (default) or TCP/1027 (if encryption is enabled, this is the default port). Only allow the workstations which initiate RealPort connections to communicate to the field equipment on those ports. Note that most of Digi's devices allow you to change the setting for which TCP port the RealPort service runs on, so end users should consult their device configuration and restrict access to the configured port if it is not the default.

​If using the system in 'reverse' mode, where the Digi device calls back to the Windows or Linux workstation, then Dragos recommends restricting access to the workstation on TCP/771 or TCP/1027 to known Digi RealPort devices on your network. This port may be configured by end users, so consult the workstation and device configurations to ensure coverage.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References