Use of Password Hash Instead of Password for Authentication in Digi RealPort Protocol
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Use of Password Hash Instead of Password for Authentication
EUVDB-ID: #VU80325
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4299
CWE-ID:
CWE-836 - Use of Password Hash Instead of Password for Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to use of password hash instead of password for authentication in Digi RealPort Protocol. A remote attacker can perform a replay attack and bypass authentication to access connected equipment.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDigi RealPort for Windows: 4.8.488.0
Digi RealPort for Linux: 1.9-40
Digi Passport Console Server: All versions
Digi CM Console Server: All versions
Digi PortServer TS: All versions
Digi PortServer TS MEI: All versions
Digi PortServer TS MEI Hardened: All versions
Digi PortServer TS M MEI: All versions
Digi PortServer TS P MEI: All versions
Digi One IAP Family: All versions
Digi One IA: All versions
Digi One SP IA: All versions
Digi One SP: All versions
Digi WR31: All versions
Digi WR11 XT: All versions
Digi WR44 R: All versions
Digi WR21: All versions
Digi Connect SP: All versions
Digi ConnectPort TS 8/16: before 2.26.2.4
Digi ConnectPort LTS 8/16/32: before 1.4.9
Digi Connect ES: before 2.26.2.4
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-23-243-04
http://www.digi.com/getattachment/resources/security/alerts/realport-cves/Dragos-Disclosure-Statement.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
