Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52543 | 2025-09-02 | N/A | N/A | ||
| E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash. | |||||
| CVE-2025-48925 | 2025-07-01 | N/A | 4.3 MEDIUM | ||
| The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential. | |||||
| CVE-2023-4299 | 1 Digi | 39 Cm, Cm Firmware, Connect Es and 36 more | 2024-11-21 | N/A | 9.0 CRITICAL |
| Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment. | |||||