CVE-2023-4299
HIGH EPSS 41.9%
Published Aug 31, 20232y ago · Modified Jun 17, 20261w ago
8.1 CVSS 3.1
Published Aug 31, 2023 2y ago
Last Modified Jun 17, 2026 1w ago
Description
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
41.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-836
Affected Products 40
| Vendor | Product | Version | Range |
|---|---|---|---|
| digi | realport | * | ≤1.9-40 |
| digi | realport | * | ≤4.8.488.0 |
| digi | connectport_ts_8\/16_firmware | * | <2.26.2.4 |
| digi | connectport_ts_8\/16 | * | any |
| digi | passport_firmware | * | any |
| digi | passport | * | any |
| digi | connectport_lts_8\/16\/32_firmware | * | <1.4.9 |
| digi | connectport_lts_8\/16\/32 | * | any |
| digi | cm_firmware | * | any |
| digi | cm | * | any |
| digi | portserver_ts_firmware | * | any |
| digi | portserver_ts | * | any |
| digi | portserver_ts_mei_firmware | * | any |
| digi | portserver_ts_mei | * | any |
| digi | portserver_ts_mei_hardened_firmware | * | any |
| digi | portserver_ts_mei_hardened | * | any |
| digi | portserver_ts_m_mei_firmware | * | any |
| digi | portserver_ts_m_mei | * | any |
| digi | portserver_ts_p_mei_firmware | * | any |
| digi | portserver_ts_p_mei | * | any |
| digi | one_iap_firmware | * | any |
| digi | one_iap | * | any |
| digi | one_ia_firmware | * | any |
| digi | one_ia | * | any |
| digi | one_sp_ia_firmware | * | any |
| digi | one_sp_ia | * | any |
| digi | one_sp_firmware | * | any |
| digi | one_sp | * | any |
| digi | wr31_firmware | * | any |
| digi | wr31 | * | any |
| digi | transport_wr11_xt_firmware | * | any |
| digi | transport_wr11_xt | * | any |
| digi | wr44_r_firmware | * | any |
| digi | wr44_r | * | any |
| digi | wr21_firmware | * | any |
| digi | wr21 | * | any |
| digi | connect_es_firmware | * | <2.26.2.4 |
| digi | connect_es | * | any |
| digi | connect_sp_firmware | * | any |
| digi | connect_sp | * | any |
References 2
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.