Use of Password Hash Instead of Password for Authentication in Digi International Inc. products - CVE-2023-4299

Vulnerability identifier: #VU80325

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2023-4299

CWE-ID: CWE-836

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Digi International Inc.

Affected software:
Digi RealPort for Windows
​Digi RealPort for Linux
​Digi Passport Console Server
​Digi CM Console Server
​Digi PortServer TS
​Digi PortServer TS MEI
​Digi PortServer TS MEI Hardened
​Digi PortServer TS M MEI
​Digi PortServer TS P MEI
​Digi One IAP Family
​Digi One IA
​Digi One SP IA
​Digi One SP
​Digi WR31
​Digi WR11 XT
​Digi WR44 R
​Digi WR21
​Digi Connect SP
​Digi ConnectPort TS 8/16
​Digi ConnectPort LTS 8/16/32
​Digi Connect ES

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to use of password hash instead of password for authentication in Digi RealPort Protocol. A remote attacker can perform a replay attack and bypass authentication to access connected equipment.

Install updates from vendor's website.

• https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-04
• https://www.digi.com/getattachment/resources/security/alerts/realport-cves/Dragos-Disclosure-Statement.pdf