You are here

Digi ConnectPort LTS 32 MEI (ICSA-20-042-13)

Digi ConnectPort LTS 32 MEI (ICSA-20-042-13)

Created: Thursday, February 13, 2020 - 09:23
Categories:
Cybersecurity

CISA has published an advisory on unrestricted upload of file with dangerous type and cross-site scripting vulnerabilities in Digi International ConnectPort LTS 32 MEI. Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2 is affected. Successful exploitation of these vulnerabilities could limit system availability. Digi recommends users upgrade to the mandatory release of ConnectPort LTS Version 1.4.5, released on November 8, 2019. Additionally, it recommends a series of best practices. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.