#VU80325 Use of Password Hash Instead of Password for Authentication in Digi International Inc. Server applications


Published: 2023-09-04

Vulnerability identifier: #VU80325

Vulnerability risk: High

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4299

CWE-ID: CWE-836

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Digi RealPort for Windows
Server applications / Other server solutions
​Digi RealPort for Linux
Server applications / Other server solutions
​Digi Passport Console Server
Server applications / Other server solutions
​Digi CM Console Server
Server applications / Other server solutions
​Digi PortServer TS
Server applications / Other server solutions
​Digi PortServer TS MEI
Server applications / Other server solutions
​Digi PortServer TS MEI Hardened
Server applications / Other server solutions
​Digi PortServer TS M MEI
Server applications / Other server solutions
​Digi PortServer TS P MEI
Server applications / Other server solutions
​Digi One IAP Family
Server applications / Other server solutions
​Digi One IA
Server applications / Other server solutions
​Digi One SP IA
Server applications / Other server solutions
​Digi One SP
Server applications / Other server solutions
​Digi WR31
Server applications / Other server solutions
​Digi WR11 XT
Server applications / Other server solutions
​Digi WR44 R
Server applications / Other server solutions
​Digi WR21
Server applications / Other server solutions
​Digi Connect SP
Server applications / Other server solutions
​Digi ConnectPort TS 8/16
Server applications / Other server solutions
​Digi ConnectPort LTS 8/16/32
Server applications / Other server solutions
​Digi Connect ES
Server applications / Other server solutions

Vendor: Digi International Inc.

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to use of password hash instead of password for authentication in Digi RealPort Protocol. A remote attacker can perform a replay attack and bypass authentication to access connected equipment.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Digi RealPort for Windows: 4.8.488.0

​Digi RealPort for Linux: 1.9-40

​Digi Passport Console Server: All versions

​Digi CM Console Server: All versions

​Digi PortServer TS: All versions

​Digi PortServer TS MEI: All versions

​Digi PortServer TS MEI Hardened: All versions

​Digi PortServer TS M MEI: All versions

​Digi PortServer TS P MEI: All versions

​Digi One IAP Family: All versions

​Digi One IA: All versions

​Digi One SP IA: All versions

​Digi One SP: All versions

​Digi WR31: All versions

​Digi WR11 XT: All versions

​Digi WR44 R: All versions

​Digi WR21: All versions

​Digi Connect SP: All versions

External links
http://www.cisa.gov/news-events/ics-advisories/icsa-23-243-04
http://www.digi.com/getattachment/resources/security/alerts/realport-cves/Dragos-Disclosure-Statement.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Use of Password Hash Instead of Password for Authentication in Digi RealPort Protocol