Digi ConnectPort LTS 32 MEI

Plan Patch8.5ICS-CERT ICSA-20-042-13Feb 11, 2020

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

The ConnectPort LTS 32 MEI firmware version 1.4.3 contains a code injection vulnerability (CWE-79) and a related control flow issue (CWE-43) that can be exploited by an authenticated attacker over the network. Successful exploitation could allow arbitrary code execution or content injection on the device, potentially disrupting remote management and monitoring of connected industrial control system equipment. The vulnerability has a CVSS score of 8.5 (high severity).

What this means

What could happen

An attacker with authenticated network access could execute arbitrary code or inject malicious content on the ConnectPort LTS device, potentially disrupting remote connectivity and management of critical infrastructure assets that rely on this gateway.

Who's at risk

Organizations that use Digi ConnectPort LTS 32 MEI devices as remote management gateways for industrial control systems, water treatment facilities, electric distribution networks, and other critical infrastructure should prioritize this fix. These devices often serve as the bridge between field equipment (PLCs, RTUs, remote terminal units) and central management networks.

How it could be exploited

An attacker with valid credentials on the network where the ConnectPort LTS is deployed could send a specially crafted request to exploit the injection vulnerability (CWE-79) or execute code through CWE-43. This would occur over the network interface without requiring user interaction. The attacker could then manipulate device configuration or operations.

Prerequisites

Network access to the ConnectPort LTS device
Valid authentication credentials (login required per CVSS metric PR:L)
Device running firmware version 1.4.3 or earlier
Vulnerable features or services enabled on the device

Remotely exploitableRequires valid credentialsNo patch available for firmware version 1.4.3Affects remote access gateway for critical infrastructure

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

ConnectPort LTS 32 MEI: firmware1.4.31.4.5

Remediation & Mitigation

0/5

Do now

0/2

HARDENINGImplement network access controls to restrict connectivity to the ConnectPort LTS device; ensure it is not accessible directly from the internet or untrusted networks

HARDENINGReview and enforce strong authentication credentials for all user accounts on the ConnectPort LTS device

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade ConnectPort LTS firmware to version 1.4.5 or later

HOTFIXTest the firmware update in a controlled environment before deploying to production; follow the recommended update sequence (device firmware, modem firmware, configuration, application)

Long-term hardening

0/1

HARDENINGPlace the ConnectPort LTS behind a firewall and isolate it from the business network; use VPN for any required remote access

CVEs (2)

CVE-2020-6975 CVE-2020-6973

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/f42dba9b-4014-438c-8687-6bdbf33705a8