Skip to content
→
Skip to footer
→
Skip to search
→
English
Deutsch
Español
Français
中文
Blog
Sign In
How to Buy
Contact Us
Search
Popular Searches:
XCTU
XBee
AnywhereUSB
Industrial Routers
Drivers & Firmware
Solutions
Solutions Home
By Industry
Agriculture
Education
Energy
Industrial
Medical
Retail
Smart Cities
Transportation
All Industries
By Application
Asset and Inventory Management
Digital Signage
Environmental Monitoring
Green Technology
Public Safety and Emergency Services
Public Transit
Traffic Management
All Applications
Packaged Solutions
Digi 360
Digi LifeCycle Assurance
Digi X-ON
Managed Services
Opengear OOB Solutions
SmartSense Monitoring Solutions
Ventus Managed Network Solutions
Technologies
Technologies Home
DAL OS
Digi Accelerated Linux operating system delivers sophisticated device functionality.
Digi SureLink
Persistent network connections ensuring rapid, always-on communications.
Digi TrustFence
Integrated IoT device security framework, device identity and data privacy.
Featured Technologies
5G Connectivity
Anterix Spectrum
Bluetooth
Cellular Failover
Edge Computing
FIPS 140-2
FirstNet
Fixed Wireless Access
Gigabit-Class LTE
LoRaWAN
Out-of-Band Management
Private Networks
SD-WAN
USB Over IP
Wi-SUN
Zigbee Wireless Mesh
All Technologies >
Products
Products Home
Embedded Systems
Digi XBee
Digi XBee Home
Cellular Modems
RF Modules
Gateways
Development Kits
Software and Tools
XBee Studio
XCTU
Cellular Data Plans
Digi XBee for Wi-SUN
Digi ConnectCore
Digi ConnectCore Home
System-on-Modules
Single Board Computers
Development Kits
Software and Tools
Cloud Services
Security Services
Digi X-ON
Digi PLConnect
Cellular and Networking
Cellular Routers and Extenders
Cellular Routers and Extenders Home
Enterprise Routers and Extenders
Industrial Routers
Transportation Routers
Software and Tools
Digi Remote Manager
Digi Containers
Digi Mobile VPN
Digi WAN Bonding
Digi 360
Infrastructure Management
Infrastructure Management Home
Industrial Automation
USB Connectivity
Serial Connectivity
Console Servers
Software and Tools
Digi Navigator
Digi Remote Manager
Digi Axess
Digi LifeCycle Assurance
Professional Services
Managed Connectivity Services
Implementation Services
Application Development
Wireless Design Services
Resources
Resources Home
Resource Library
Datasheets
Ebooks
Solution Briefs
Technical Briefs
Videos
White Papers
All Library Resources
Customer Stories
Events
Examples and Guides
IoT Terminology
Digi Logos and Photos
Product Certifications
Project Gallery
Security Center
Webinars
More Videos
Support
Support Home
Technical Support
Select your product for firmware, drivers, software, knowledge base articles and manuals.
Select Your Product
Customer Portal
Product Certifications
Professional Services
Security Center
Support Forum
Support Services
Company
Company Home
About Digi
Awards and Recognition
Careers
Investor Relations
Leadership
Locations
Media Coverage
Press Releases
Partners
Partner Portal Login
Network Operators
Technology Alliances
Value-Added Resellers
Opengear, A Digi Company
Smart Out-of-Band Management
Visit Opengear
SmartSense by Digi
Sensing-as-a-Service Solutions
Visit SmartSense
Ventus, A Digi Company
Managed Network-as-a-Service (MNaaS)
Visit Ventus
Blog
Sign In
How to Buy
Home
/
Support
/
Knowledge Base
/
Security Articles
Security Knowledge Base Articles
Frag Attack Security Information
To all Digi International Customers,Digi’s Security Team has been reviewing nine related CVEs, more commonly known as Frag Attack. Frag Attack, or fragmentation and aggregation attacks, state...
https://www.digi.com/support/knowledge-base/frag-attack-security-information
Sep 04, 2025
Digi International Security Notice - TRECK TCP/IP Stack "RIPPLE20" VU#257161 ICS-VU-035787
Digi International Security Notice TRECK TCP/IP Stack "RIPPLE20" VU#257161 ICS-VU-035787June 16th, 2020 The following CVE’s have been assigned to these vulnerabilities:CVE...
https://www.digi.com/support/knowledge-base/digi-international-security-notice-treck-tcp-ip-st
Sep 04, 2025
Unique Default Passwords for Digi Products (SB-327)
BackgroundAs of January 1, 2020, the California Consumer Privacy Act SB-327 requires all cellular and internet connected devices manufactured after that date to have unique default passwo...
https://www.digi.com/support/knowledge-base/unique-default-passwords-for-digi-products
Sep 04, 2025
ZigBee Encryption
ZigBee supports the 128-bit AES (Advanced Encryption Standard) encryption to encrypt data on a ZigBee network. Following are answers to frequently asked questions regarding encryption on ZigBee net...
https://www.digi.com/support/knowledge-base/zigbee-encryption
Sep 04, 2025
Security of the XStream and XCite radios (encryption)
Is the wireless communication from Digi radios secure?Many scada or financial applications are sensitive to the potential for intercepted data or unauthorized control of a scada system through a wi...
https://www.digi.com/support/knowledge-base/security-of-the-xstream-and-xcite-radios-encryptio
Sep 04, 2025
Vendor IDentification (VID)
While the proprietary frequency hopping modulation and the number of networks and addresses can make it very difficult for an outsider to eavesdrop on communication, it would be possible for anothe...
https://www.digi.com/support/knowledge-base/vendor-identification-vid
Sep 04, 2025
What security policy is used by the Device Cloud?
Digi Remote Manager security policy is based upon a control matrix developed to support the standards set forth by the National Institute of Standards and Technology (NIST), ISO/IEC 27002, No...
https://www.digi.com/support/knowledge-base/what-security-policy-is-used-by-the-device-cloud
Sep 04, 2025
Digi International Security Notice OpenSSL "Heartbleed"
Digi International Security NoticeApril 14th,2014(Updated 4/18/2014)CVE-2014-0160/ OpenSSL “Heartbleed”OverviewOn April 7th, a critical security vulnerability (CVE-2014-0160), nick...
https://www.digi.com/support/knowledge-base/digi-international-security-notice-openssl-heartbl
Sep 04, 2025
Evaluation of FREAK attack on NET-OS products
Overview:We have just completed our analysis on the impact of the FREAK vulnerability (CVE-2015-0204) on our NET-OS product. The vulnerability that has been listed in the notice, deal with the abil...
https://www.digi.com/support/knowledge-base/evaluation-of-freak-attack-on-net-os-products
Sep 04, 2025
Digi International Security Notice Vulnerability "GHOST"
Digi International Security NoticeOriginally issued March 6th, 2015, updated December 18, 2015 CVE-2015-0235OverviewA critical security vulnerability, reported as CVE-2015-0235, nickna...
https://www.digi.com/support/knowledge-base/digi-international-security-notice-vulnerability-g
Aug 19, 2025
Rules for setting a strong password on the ConnectPort TS
Strong password enforcement is set via the CLI under 'set syssecurity enforce=off/on' To meet the strong password rule in the ConnectPort LTS, more than 4 cases of the following list shoul...
https://www.digi.com/support/knowledge-base/rules-for-setting-a-strong-password-on-the-lts
Aug 19, 2025
SECURITY VULNERABILITY CVE-2016-5696: OFF-PATH ATTACK
A new vulnerability has arisen that has attracted significant attention. As always, Digi tracks all vulnerabilities that emerge and reviews these security issues regarding their impact on Digi prod...
https://www.digi.com/support/knowledge-base/security-vulnerability-cve-2016-5696-off-path-atta
Aug 19, 2025
HOW TO: Enable the Mobile Firewall of an XBee Gateway (CP-X2e ZB) cellular
Description:In the article "Security Bulletin: DNS Proxy Vulnerability on Internet Connected Routers/Gateways", the topic of DNS Proxy Attacks and other forms of mischief which can someti...
https://www.digi.com/support/knowledge-base/how-to-enable-the-mobile-firewall-of-an-xbee-gatew
Aug 19, 2025
Embedded - NET+OS Chips - RomPager - Evaluation of Security Vulnerability – VU#561444 Expanded info
Overview Many Digi products contain and use the RomPager by Allegrosoft web server technology. It has come to our attention that this embedded web server, which is used for management of our devic...
https://www.digi.com/support/knowledge-base/embedded-net-os-chips-rompager-evaluation-of-secur
Aug 19, 2025
Embedded - NET+OS Modules - RomPager - Evaluation of Security Vulnerability – VU#561444 Expanded inf
Overview Many Digi products contain and use the RomPager by Allegrosoft web server technology. It has come to our attention that this embedded web server, which is used for management of our devic...
https://www.digi.com/support/knowledge-base/embedded-net-os-modules-rompager-evaluation-of-sec
Aug 19, 2025
Using SSH with public keys to log into the Digi ConnectPort TS.
Introduction This article explains how to log into the Digi ConnectPort TS 16 using ssh, and public keys.PrerequisitesYou will need to create a new user first. Use puttygen, to generate y...
https://www.digi.com/support/knowledge-base/using-ssh-with-public-keys-to-log-into-the-dig-con
Aug 13, 2025
Digi Router Migration - SarOS to DAL
Background In an effort to deliver the best products to our customers, Digi is transitioning from WR Series cellular routers that use the SarOS operating system to IX Series cellular routers t...
https://www.digi.com/support/knowledge-base/digi-router-migration-saros-to-dal
Jun 23, 2021
XBee Zigbee security on S2C hardware
The purpose of this notice is to inform our customers of a security vulnerability regarding a potential inadvertent transmission of the Network Key “in the clear”. Through a vulnerabili...
https://www.digi.com/support/knowledge-base/xbee-zigbee-security-on-s2c-hardware
Oct 21, 2020
Password for for Digi XBee Gateway Products
California has passed a law banning default passwords like such as “admin,” or “123456”Every new gadget will have to come with “reasonable” security feature...
https://www.digi.com/support/knowledge-base/password-for-an-xbee-industrial-gateway
Aug 31, 2020
Can I know when a device leaves or joins a network
When devices enter the Zigbee network… There are options that can be used for detecting new devices or nodes within a Digi Zigbee network. Using the JN (Join Notificati...
https://www.digi.com/support/knowledge-base/can-i-know-when-a-device-leaves-the-network
Aug 27, 2020
XBee 3 – Secure Session SRP randomization
Digi International Security NoticeSecure Session SRP ephemeral values are not randomized if BLE is disabled Digi International Security NoticeMarch 2, 2020 Overview The purpose of this n...
https://www.digi.com/support/knowledge-base/xbee-3-–-secure-session-srp-randomization
Mar 05, 2020
XBee Zigbee Notice - Keys can be sent in the clear
Digi International Security NoticeTransport Key sent “In the Clear”October 9, 2019 OverviewThe purpose of this notice is to inform our customers of a security vulnerability regardi...
https://www.digi.com/support/knowledge-base/xbee-zigbee-keys-can-be-sent-in-the-clear
Nov 25, 2019
SACK Vulnerability Patch Status
SACK Vulnerability Patch Status for affected Digi products Product Family/ProductVersion fix is included inEstimated Release DateCellularDigi IX1419.8Aug, 2019Digi EX1519.8Aug, 2019Digi LR54...
https://www.digi.com/support/knowledge-base/sack-vulnerability-patch-status
Jul 16, 2019
Is it possible to SSH to a ConnectPort X2e Smart Energy Gateway for access to the command line inter
Is it possible to SSH to a ConnectPort X2e Smart Energy Gateway for access to the command line interface?Due to enhanced security with Smart Energy gateways, it is not possible to access the comman...
https://www.digi.com/support/knowledge-base/is-it-possible-to-ssh-to-a-connectport-x2e-smart-e
Jul 06, 2017
AES Encryption
AES EncryptionDigi's XTend radio has the ability to use 256-bit AES encryption to encrypt and decrypt data that is transmitted over the air. In some applications, such as those sending financia...
https://www.digi.com/support/knowledge-base/aes-encryption
Jul 06, 2017
Digi International Security Notice SSLv3 Vulnerability "POODLE"
Digi International Security NoticeCVE-2014-3566October 28th, 2014OverviewA security vulnerability nicknamed "POODLE" CVE-2014-3566, was announced on October 14th, 2014. We have had ...
https://www.digi.com/support/knowledge-base/digi-international-security-notice-sslv3-vulnerabi
Jul 06, 2017
Scan Shows Port 50000 on PortServer TS and Digi One Products
Port 50000 is used on these devices as a potential point of connection to the device via a method which we refer to as pmodem or pseudo modem. This connection consists of a Raw TCP socket whi...
https://www.digi.com/support/knowledge-base/scan-shows-50000-ports-on-portserver-ts-and-digi-o
Jul 06, 2017