Digi One Sp Sp Ia Ia
Monthly
Authentication bypass in Digi International PortServer TS 1/2/4 and Digi One SP/SP IA/IA serial device servers permits remote unauthenticated attackers to circumvent authorization controls and access restricted device resources. The CVSS vector (AV:N/AC:H/PR:N/UI:N) confirms remote, credential-free exploitation but places High Attack Complexity on the flaw, indicating specific preconditions must be met - limiting opportunistic or automated mass exploitation. Impact is strictly confidentiality (C:H/I:N/A:N), meaning successful exploitation exposes restricted data or configuration without enabling modification or service disruption; no public exploit and no CISA KEV listing have been identified at time of analysis.
Authentication bypass in Digi International PortServer TS 1/2/4 and Digi One SP/SP IA/IA serial device servers permits remote unauthenticated attackers to circumvent authorization controls and access restricted device resources. The CVSS vector (AV:N/AC:H/PR:N/UI:N) confirms remote, credential-free exploitation but places High Attack Complexity on the flaw, indicating specific preconditions must be met - limiting opportunistic or automated mass exploitation. Impact is strictly confidentiality (C:H/I:N/A:N), meaning successful exploitation exposes restricted data or configuration without enabling modification or service disruption; no public exploit and no CISA KEV listing have been identified at time of analysis.